Your Money or Your Data
AntiOnline Spotlight: What's worse than losing your data to malware? Paying a ransom to get it back.
We've seen something like this a couple of years ago. Then, scoundrels were threatening businesses with denial of service attacks if they didn't pony up some protection money.
Now the easy money crowd has branched out in a disturbing new direction.
|Like the sight of money? So do malware coders nowadays.|
But accompanying those instructions are words that delivers bit of sting because they carry an element of truth. According to this internetnews.com report, users are treated to this little admonishment:
"Your computer catched our software while browsing illigal porn pages, all your documents, text files, databases was archived with long enought password."
Of course, their spelling and grammar could use some help, but there you have it, avoid those dark recesses of the Internet! Even if you don't visit online peepshows, always be wary of unknown sites and take special care of the files you download and the e-mail attachments you launch.
Note: Any opinions expressed below are solely those of the individual posters on the AntiOnline forums.
This Is New... Ransom Trojans
A word of warning from user Sm0kinP0t:
One could think the usual Trojan would always have the same purpose (z0mbies, credit and other data theft, DoS and so on...), but the folks at Sophos have found a new sort of Trojan, one that focuses malicious actions on password-encrypting documents, spreadsheets and database files only to later ask the victim for a $300 payment to an E-Gold account...
nihil reminds the group about the only reliable protection against data loss:
These first started to show up at the beginning of last year. They didn't seem to catch on, probably because it is difficult to actually collect the money without getting caught.
If you think about it, this is no big deal. If you got a virus that wiped out your data, you would be in the same position.
The answer is to have backups.
thehorse13 warns not to overlook other methods that may not sound as exciting but are still intended to cause financial harm nonetheless.
...truly new attack vectors focus on primitive tools. Why use a keylogger when the person throws the sought-after data into the garbage without shredding it?
I'd concentrate on low-tech vectors such as dumpster diving. These classic attack vectors are beginning to see an increase in use. Same for war dialing.
When we shift focus as a security community, the bad guys always look for the path of least resistance.
On the tech side of things, leveraging services such as DNS to sneak data in and out of environments is on the rise. Encrypted throttled sessions is another fabulous vector. Hiding in the white noise of network traffic is next to impossible to detect.
How do you handle hostage takers? Discuss it here.