Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Security > Virus alerts

April 13th, 2012, 12:55 GMT · By

Ransomware Accuses Users of Piracy and Encrypts Files

SHARE:

Adjust text size:

The Trojan encrypts all the important files, making them inaccessible
Enlarge picture
Three independent security firms have come across a dangerous piece of ransomware that encrypts all the important files it finds on a computer, demanding a €50 (&60) fine for the password that’s needed to decrypt them.

Bitdefender, F-Secure and Doctor Web experts all came across the nasty piece of malware that accuses the victim of utilizing “illegal programs.”

Detected by Bitdefender as Trojan.Ransom.HM, the malicious element scans the system for HTML, PDF, txt and multimedia files, encrypting them and replacing their original extensions with .EnCiPhErEd.

Once all the files are encrypted, a text called "HOW TO DECRYPT FILES.txt” is placed in all the folders, containing instructions on how to free the system.

“Attention! All your files are encrypted! You are using unlicensed programms! To restore your files and access them, send code Ukash or Paysafecard nominal value of EUR 50 to the e-mail Koeserg@gmail.com. During the day you receive the answer with the code,” reads the message from the file.

The victims are also warned that if they enter too many incorrect codes, the data will be locked forever.

Bitdefender experts found that the ransomware is built with a special tool that allows scammers to easily create it.

F-Secure researchers say that the encryption mechanism is not very complex and they are currently working on cracking it.

From Dr. Web we find out that infections with this piece of malware have been seen in a large number of European countries, including Bulgaria, Germany, Italy, Spain, England, Austria and Norway.

Once the infection is unleashed, there’s not much you can do to get your files back, except for paying the ransom demanded by the cybercrooks.

This is why users must be extra cautious when downloading something from file-sharing sites and forums, the places where most of these malevolent elements have been seen.

Note. My Twitter account has been erroneously suspended. While this is sorted out, you can contact me via my author profile or follow me at @EduardKovacs1


2,945 hits
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Scareware Demands Ransom After Making Files and Folders Invisible
Metropolitan Police: Beware of Law Enforcement Viruses
Trend Micro Analyzes “Police Trojans”
French Police Warnings Served to Users Who Visit Luxury Cake Site

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use