Rediff.com« Back to articlePrint this article

Quick Heal detects virus that demands a $300 ransom

October 23, 2013 18:10 IST

VirusCyber security firm Quick Heal said on Wednesday it has detected a new computer virus, CryptoLocker ransomware, which after encrypting files in a user's computer demands a ransom of $300 (around Rs 18,500) for decrypting them.

Ramsomware, a kind of malicious software, is designed to block access to a computer until a certain sum of money is paid.

Generally, it targets individuals.

"In early September 2013, Quick Heal Threat Research and Response lab received several incidents about a malware that once executed encrypts files in the victim's computer and demands a certain ransom for decryption," Quick Heal said in a statement.

This malware makes a demand of $300 through prepaid card services like UKash, Bitcoin or MoneyPak, it added.

This type of malware is spread using social engineering tricks especially via email such as fake FedEx or UPS tracking notifications with attachments. Once the victim opens such email attachments, CryptoLocker gets installed and starts scanning the hard disk for all kinds of documents, it said.

Documents include images, videos, documents, spreadsheets and presentations, Quick Heal said adding the virus encrypts the files and once the user starts operating his/her system, it pops a message demanding a sum of $300

to buy a private key to decrypt the files, Quick Heal added.

"The malware gives a deadline of 100 hours to pay the ransom and get the private key to decrypt the data.

“If the amount is not paid it destroys the private key and your encrypted data is locked forever with no way to recover it," the firm said.

Hackers behind this malware are able to avoid the trace back by using digital cash systems like Bitcoins and MoneyPack where the payments can be anonymous.

"Since last couple of weeks we have been seeing over 500 incidents per day of this malware.

“The incidents are being reported from all over India," Quick Heal Chief Technical Officer Sanjay Katkar said.

The firm also said that cyber criminals are employing similar tactics to fleece money from the victims.

"Another similar kind of ransomware that goes by the name of 'Anti-Child Porn Spam' was seen infecting few computers in last couple of days.

“This shows that the trend for ransomware is growing," Quick Heal added.

© Copyright 2024 PTI. All rights reserved. Republication or redistribution of PTI content, including by framing or similar means, is expressly prohibited without the prior written consent.