/>
X

New ransomware locks PCs, demands premium SMS for removal

UPDATE: Another variant has been detected.Following the recently uncovered hybrid scareware with elements of ransomware, and last year's GPcode ransomware attacks, cybercriminals have once again demonstrated their interest in the concept of ransomware.
Written by Dancho Danchev on

UPDATE: Another variant has been detected.

Following the recently uncovered hybrid scareware with elements of ransomware, and last year's GPcode ransomware attacks, cybercriminals have once again demonstrated their interest in the concept of ransomware.

PandaLabs is reporting on a newly discovered ransomware variant which locks the affected user's PC, and demands a premium SMS in order to deactivate it.

Trj/SMSlock.A doesn't have any self-propagation functions and appears to be coming under the form of a typical fake codec that has been affecting users for over a week now. The message (in Russian) demands that the affected user sends an SMS with the pseudo-unique number to the given number in order to receive deactivation code. From a monetization perspective, the approach is pretty similar to the recent Trojan-SMS.Python.Flocker mobile malware which was transferring account credit, and mimicking the original functionality of the RedBrowser mobile malware which was automatically sending SMS messages to premium-rate numbers in 2006.

Just how dangerous is SMSlock.A? Compared to GPcode, it's the work of less technically sophisticated people, making it fairly easy to bypass. Dr.Web has even released a generator for deactivation codes so that affected users don't have to pay.

Ransomware is not a fad, that's for sure. In fact, Trend Micro's Annual Threat Report: Cybercriminals are Working Faster than Ever stated that ransomware attacks are prone to increase in a targeted fashion during Q2 of 2009. And whereas the current variants do not have self-propagation functions, their primarily propagation vector remains the hundreds of currently active blackhat search engine optimization campaigns serving the ubiquitous fake codecs (Cybercriminals syndicating Google Trends keywords to serve malware; Massive comment spam attack on Digg.com leads to malware).

Related

Why you should really stop charging your phone overnight
iphone-charging.jpg

Why you should really stop charging your phone overnight

iPhone
A United Airlines pilot made a big speech to passengers. Not everyone will love it
screen-shot-2022-08-09-at-9-39-33-am.png

A United Airlines pilot made a big speech to passengers. Not everyone will love it

Business
How to get Photoshop for free
photoshop free trial

How to get Photoshop for free

Photo & Video