TELECOM Digest OnLine - Sorted: Trojan Freezes Computer, Demands $10.99 Ransom

Trojan Freezes Computer, Demands $10.99 Ransom

Jeremy Kirk, IDG (
Thu, 27 Apr 2006 14:36:54 -0500

Jeremy Kirk, IDG News Service

A new kind of malware circulating on the Internet freezes a computer
and then asks for a ransom paid through the Western Union Holdings
money transfer service.

A sample of the Trojan horse virus was sent to Sophos, a security
vendor, said Graham Cluley, senior technology consultant. The malware,
which Sophos named Troj/Ransom-A, is one of only a few viruses so far
that have asked for a ransom in exchange for releasing control of a
computer, Cluley said.

The new Trojan falls into a class of viruses described as
"ransomware." The schemes had been seen in Russia, but the first one
appeared in English just last month.

"It is a new kind of malware with a particularly nasty payload,"
Cluley said.

It's unclear how the Trojan is being spread, although Sophos is
investigating, Cluley said. Viruses can be spread in several ways,
including through spam or a so-called drive-by download that exploits
a browser vulnerability when a user visits a malicious Web site.

PC Frozen, Files at Risk

Once run, the Trojan freezes the computer, displaying a message saying
files are being deleted every 30 minutes. It then gives instructions
on how to send $10.99 via Western Union to free the computer.

Hitting the control, alt, and delete keys will not affect the bug, the
virus writer warns. Sophos provides further details at its Web site.

The virus writer even offers tech support, Cluley said. If the method
of unlocking the computer doesn't work after the money is sent, the
virus writer promises to research the problem and includes an e-mail

Last month, a Trojan emerged that encrypts a user's documents and then
leaves a file demanding $300 in exchange for the password to access
the information. Victims were instructed to send money to one of 99
accounts run by e-gold, a company that runs a money transfer site.

The password, however, was contained on the infected computer. Sophos
cracked it and publicly released it.

Copyright 2006 PC World Communications, Inc.

NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at . Hundreds of new
articles daily. And, discuss this and other topics in our forum at (or)

For more tech news, please go to:

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: "Google's Clickfraud Settlement Offer is a Complete Fraud:"
Go to Previous message: Reuters News Wire: "California Okays Broadband Over Power Lines Test"
TELECOM Digest: Home Page