Ransomware Becoming More Common
October 10, 2011 | POSTED BY BRETT EDGAR IN MALWARE, SECURITY AWARENESS & TRAINING
Just about everyone with an Internet connection has heard the term "malware." Even most home users (my dear old dad included) have heard the term "spyware," even if they aren't sure what it means. But have you heard of "ransomware"? Get ready, I've got a feeling it's going to be the "next big (bad) thing" on the Internet.
is a type of malware that attempts to extort money from users it infects. One of the first samples of ransomware was the AIDS Virus
in the late 1980s. The virus would encrypt and hide disk contents and then ask the user to pay $189 to "license" the decryption software. It has only been in the last half-decade or so that ransomware has been becoming more prevalent on the Internet.
A new Trojan is now making its way around the usual social-networking sites. Kaspersky Labs is calling it Trojan.Win32.Agent.ARVP. This little guy is apparently Russian-language only at the moment, but it attempts to extort 500 rubles (equivalent to about $17 US) out of the user by claiming that it will forward child-pornography evidence to the authorities. There's really nothing new about this trojan--using the threat of pornography is certainly not a new concept for ransomware. However, it is spreading via social networking, and is a very quick translation away from targeting the English-speaking world.
Many users in the corporate world will likely be afraid (or at least hesitant) to report an infection of this ransomware due to the potential HR ramifications of being the user of a computer that may contain pornography. The pornography threat is likely an empty threat, but it's enough to give users pause...
I suggest that corporate CISOs send a monthly e-mail to all users reminding them of the necessity of reporting any suspicious behavior on their workstations immediately. The same e-mail should include a short discussion of ransomware and make it clear that such malware often uses the threat of pornography to scare users, and that even if the malware happened to drop adult content on the computer, the user would not be held liable for the presence of dropped content.