Security researchers have stumbled upon a new piece of ransomware that blocks an infected computer from accessing the Internet until a fee is paid via SMS (text message).
According CA researcher Zarestel Ferrer, the ransomware file is bundled with a program called uFast Download Manager. Once a machine is infected, a message is posted in Russian (see image above) demanding a ransom under the guise of activating the uFast Download Manager application.
Here is a rough English translation:
Internet access is blocked due to violation of the license agreement schedules of uFast Download Manager You must activate your copy
Get a registration code by sending an SMS with the following code fw0004199 to number 7122
In response you will receive an activation message.
Enter the activation message received from the SMS response ________
CA is offering an activation code generator for this particular ransomware variant.
See our previous coverage of ransomware attacks:
- New LoroBot ransomware encrypts files, demands $100 for decryption
- New Gpcode (encryption) ransomware speading via botnet
- Who's behind the GPcode ransomware?