. 24/7 Space News .
SPACE WIRE
Trojan horse holds computers to ransom
  • Parisians brace for flooding risks as Seine creeps higher
  • Volcanos, earthquakes: Is the 'Ring of Fire' alight?
  • Finland's president Niinisto on course for second term
  • Record rain across soggy France keeps Seine rising
  • Record rain across sodden France keeps Seine rising
  • State of emergency as floods worry Paraguay capital
  • Panic and blame as Cape Town braces for water shut-off
  • Fresh tremors halt search ops after Japan volcano eruption
  • Cape Town now faces dry taps by April 12
  • Powerful quake hits off Alaska, but tsunami threat lifted
    • PARIS (AFP) Jun 01, 2005
     Software protection companies are warning that a vicious new form of cyber-attack known as "ransomware" is threatening computers by encrypting documents and demanding money for them to be decrypted.

    Symantec, a manufacturer of anti-virus programs, said on Wednesday on its website (http://www.symantec.com/avcenter/venc/data/trojan.pgpcoder.html) that the attacking program is a "Trojan horse" that enters the computer via holes in the victim's web browser, scans a hard drive and encrypts any text-based documents that it finds.

    Unlike a virus, a Trojan horse does not replicate from machine to machine.

    If it installs successfully, the new threat wipes out text files then displays a ransom note demanding 200 dollars (153 euros) to supply decryption software that will restore the data back to its original, readable form.

    So far, only one case of "ransomware" has come to light, but this could be the start of a new and dangerous generation of malicious software, the British weekly New Scientist says in its next issue dated Saturday.

    The algorithm used to scramble the data was not very sophisticated in this case, and the encrypted documents were easily decoded by a computer consultant.

    "The danger now is that the virus writers might turn to using strong military-grade encryption systems," leaving the victim with little option but to pay up to decrypt his files, New Scientist warns.

    The new program goes under the name of pgpcoder, apparently to besmirch the name of Pretty Good Privacy (PGP), a legal, popular and highly secure encryption product.

    The "ransomware" case was spotted by the Californian web-filtering company Websense, which has notified the US Federal Bureau of Investigation (FBI), New Scientist says.

    As with extortion everywhere, the weakness of "ransomware" is the line of contact. The demand includes a contact email address and an electronic bank account, both of which can be traced.




    All rights reserved. copyright 2018 Agence France-Presse. Sections of the information displayed on this page (dispatches, photographs, logos) are protected by intellectual property rights owned by Agence France-Presse. As a consequence, you may not copy, reproduce, modify, transmit, publish, display or in any way commercially exploit any of the content of this section without the prior written consent of Agence France-Presse.