14 DAY TRIAL // Remember that pay-by-phone exploit that attempted to infect your computer and steal your money? Well, it seems like it is much more dangerous than we've expected. Security company Trend Micro today published an advisory concerning TROJ_RANSOM.B, the Trojan horse that supports the entire attack, saying that it affects all Windows versions, starting with '98 and ending with Server 2003. The high damage potential can only prove us that it is pretty dangerous and users must do anything it's possible to defend their systems.
So, how can you get infected? It's enough to visit a malicious website equipped with the Trojan and, in case the system is not protected, it will be infected in no-time. In addition, the Trojan horse can be deployed by other malware already installed on the computer, Trend Micro explained.
But what's worse is that TROJ_RANSOM.B is able to lock people out of their computers and restrict the access to the system unless they pay for a rogue security application. As I said yesterday, the infection displays a security warning and demands the victim to send a SMS to a certain call number to purchase a security program that would be able to remove the infection. Today's Trojan is doing exactly the same thing: it displays an image to lock the system and ask people to send a SMS in order to buy the application.
"It is capable of locking users out of vulnerable systems and demanding a pay-by-phone activation fee. After dropping all its components, it displays an image to lock the affected system. Affected users are then presented with the option of sending a text message to an SMS number or calling a phone number to obtain a 'license code' that ostensibly unlocks their compromised systems. The options are billed at different rates", the security company mentioned in the advisory.