Devious virus writers have come up with a new twist on ransomware-style malware.

A new strain of Trojan encrypts recently-opened files on compromised Windows PCs. But instead of demanding a ransom for a decryption key to unlock files, the malware relies on users to search the web for a possible way-out.

Hackers have cleverly baited searches for likely terms, with links to sites offering a supposed fix actually developed by the crooks behind the ruse.

A fuller explanation of the scam can be found Symantec's write-up on the Ramvicrype Trojan here and in a blog posting by Symantec researcher Shunichi Imano here. ®

Related stories

• Russian ransomware blocks net access (1 December 2009)
• Smut page ransomware Trojan ransacks browsers (27 July 2009)
• Updated Ransomware Trojan code break 'impractical' (13 June 2008)
• Security militia sought to brutalize ransomware virus (6 June 2008)
• Ransomware Trojan locks up infected PCs (3 January 2008)
• Ransomware getting harder to break (24 July 2006)
• Online attack holds files to ransom (31 May 2006)
• Comment Innovative ways to fool people (5 May 2006)