Devious decryption scam rides ransomware Trojan
We can remember it for you wholesale
Devious virus writers have come up with a new twist on ransomware-style malware.
A new strain of Trojan encrypts recently opened files on compromised Windows PCs. But instead of demanding a ransom for a decryption key to unlock files, the malware relies on users to search the web for a possible way out.
Hackers have cleverly baited searches for likely terms with links to sites offering a supposed fix, one actually developed by the crooks behind the ruse.
Not the first time
We've seen this tactic before. Back in 2006 we saw a Trojan that encrypted the contents of My Documents and then dropped a file that had "instructions" on how to get your stuff back. It usually involved sending money or buying stuff from a CanPharm page. Here's the post if you are interested: http://www.sophos.com/pressoffice/news/articles/2006/06/arhiveus.html
and here's the money tactic: http://www.sophos.com/pressoffice/news/articles/2006/03/zippo.html
What these scammers won't do for money.
It's normally a good idea...
...to be familiar with at least one legitimate resource when it comes to things like these. I have my go-to guys online; they're tried and tested and have saved my backside more than once over the years. I'd go directly to their URL in a case like this.
Could this Fail?
I'm sure that security firms will be able to get their pages to trump the scammers' on search engine ranks for those key words.