Scareware package incorporates file ransom trickery
Cybercrooks have combined two threats with a fake anti-virus package that holds files for ransom.
The malware comes in the guise of a utility called Antivirus2009 that claims to have located corrupted files on affected systems. Prospective marks are told they are need to download a package dubbed FileFix Professional to recover these files.
In reality, Antivirus2009 is responsible for encrypting the supposedly corrupted files, targeting documents in a blighted user's My Documents folder. FileFix Professional unscrambles this content but only after users pay $50 for software of dubious utility.
Antivirus firms are adding detection for both dubious packages. Computer help forum BleepingComputer.com has detailed instructions on how to remove FileFix Professional from infected systems. That advice alone isn't enough to recover scrambled files. Fortunately, however, web security firm FireEye has established a free Web-based service to recover encrypted files, as explained in its write-up of the threat here. Trend Micro has screenshots of the malicious utility FileFix Professional here.
The incorporation of scareware and ransonware tactics represents an evolution in the development of rogue security (AKA scareware) packages. The number of rogue anti-malware programs in circulation rose from 2,850 in July to 9,287 in December 2008, a three-fold increase in the space of just six months, according to the latest figures from the Anti-Phishing Working Group. ®
Why the *fuck* is *anyone* still running Windows?
For fuck's sake, it's less effort to go back to doing stuff by hand than it is to keep a bunch of Windows boxes malware-free.
If a "fix" to a scam is being "sold" by the scammer ...
then some money is changing hands, and its presumably not being done in cash.
That money, surely, is passing through some sort of money transfer service. Initially, maybe, to a middleman who doesn't know what it is for ... and via countries whose police may or may not be very competent or very co-operative ... but sooner or later that money has to end up with somebody who knows who is doing this.
regularly and every time a high value item is added to the my documents file.
a daily back up to a usb drive is simple and cheap.
no excuses for nor doing so.