Devious decryption scam rides ransomware Trojan
We can remember it for you wholesale
Agentless Backup is Not a Myth
Devious virus writers have come up with a new twist on ransomware-style malware.
A new strain of Trojan encrypts recently-opened files on compromised Windows PCs. But instead of demanding a ransom for a decryption key to unlock files, the malware relies on users to search the web for a possible way-out.
Hackers have cleverly baited searches for likely terms, with links to sites offering a supposed fix actually developed by the crooks behind the ruse.
A fuller explanation of the scam can be found Symantec's write-up on the Ramvicrype Trojan here and in a blog posting by Symantec researcher Shunichi Imano here. ®
COMMENTS
Not the first time
We've seen this tactic before. Back in 2006 we saw a Trojan that encrypted the contents of My Documents and then dropped a file that had "instructions" on how to get your stuff back. It usually involved sending money or buying stuff from a CanPharm page. Here's the post if you are interested: http://www.sophos.com/pressoffice/news/articles/2006/06/arhiveus.html
and here's the money tactic: http://www.sophos.com/pressoffice/news/articles/2006/03/zippo.html
What these scammers won't do for money.
It's normally a good idea...
...to be familiar with at least one legitimate resource when it comes to things like these, I have my go-to guys online, they're tried and tested and have saved my backside more than once over the years, I'd go directly to their URL in a case like this.
Could this Fail?
I'm sure that security firms will be able to get their pages to trump the scammers' on search engine ranks for those key words.
IT infrastructure monitoring strategies
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
Data control in the cloud
Cloud based data management
Agentless Backup is Not a Myth
