Antivirus expert: 'Ransomware' on the rise

Discussion in 'Spyware' started by Anonyma, Feb 7, 2007.

  1. Anonyma

    Anonyma Guest

    SAN FRANCISCO--Online criminals are turning away from threatening
    companies with massive cyberattacks in favor of encrypting a victim's
    data and then demanding money to decrypt it, an antivirus expert has

    Eugene Kaspersky, head of antivirus research at Russia's Kaspersky
    Labs, told the RSA Conference here Tuesday that the use of so-called
    "ransomware Trojans" is a key trend for 2007.

    This malicious software infects a PC, encrypts some data and then
    displays an alert telling the victim to send money to get the
    decryption key needed to access their data again. Such malicious
    software isn't new. Early examples include Cryzip, discovered in March
    2006, and GPCode, discovered in May 2005.

    Cryzip and GPCode didn't cause massive damage, but Kaspersky believes
    cybercriminals will refine their use of ransomware Trojans this year.
    The final version of GPCode used a 660-bit encryption key, which should
    have taken a single powerful PC around 30 years to crack but was
    actually broken quickly by Kaspersky Labs, he said.

    "We cracked it in 10 minutes," Kaspersky explained, "because this guy
    did not read the cryptographic book until the end. But if he does get
    to the end, antivirus vendors will not be able to decrypt and recover
    your data without help."

    He also told the conference that distributed denial-of-service (DDoS)
    attacks--where a company's servers are bombarded with data in an
    attempt to drive it offline--are declining. This is partly because
    better filtering technologies have been developed that can strip out
    DDoS traffic before it reaches a corporate server. Another factor is
    the arrest of several people accused of extorting money from companies
    by launching a DDoS attack and demanding payment in exchange for
    stopping the attack.

    "This is a dangerous kind of criminal activity, because the attack
    takes place before the money is transferred," Kaspersky said,
    explaining that victims of DDoS attacks have the opportunity to get the
    police involved before paying a ransom. One audience member pointed out
    that someone who falls victim to a ransomware Trojan could also get the
    police involved. However, Kaspersky said the police might not be very
    interested, as the ransom might be only $20 or $30.

    Several U.K. online betting companies, including Betfair, were targeted
    with DDoS attacks in the summer of 2004. Later that year, nine Russian
    citizens were arrested over their alleged involvement in the crimes,
    and three were later sentenced to eight years imprisonment. However,
    the two suspected ringleaders are still at large.

    Kaspersky said he is concerned that law enforcement is struggling to
    catch Internet criminals. "In 2004, there were around 100 arrests of
    suspected cybercriminals. In 2005, there were around 400. But last
    year, there were just 100. It seems that the stupid guys are being
    jailed, but the clever ones are still operating," he said.
    Anonyma, Feb 7, 2007

  2. Anonyma

    Slarty Guest

    Companies who never back up their data, I assume.

    In which case they're doomed anyway, eventually.


    Slarty, Feb 8, 2007