Thursday, January 14, 2010

Gimmie All Your Money!

Ya know, if it weren’t for that innate (albeit imperfect) sense of morality that our species has evolved over millions of years, I’d already have the money for that sailboat by now. I’m almost smart enough to pull off the type of scam we will discuss today. Fortunately for all of you, I am really horrible at not getting caught, so I think I’ll stick to cleaning up the mess you good people make of your computers for now.

Today, both my readers get to learn a new word: Ransomware. says, “Ransomware is computer malware which holds a computer system, or the data it contains, hostage against its user by demanding a ransom for its restoration.” Actually it’s not new (it’s been around since at least 1989) but criminals have found some untraceable ways of receiving money that may cause this kind of extortion to become more popular. If the past few weeks are any indication, many of you are already intimately familiar with this kind of scumware.

The extortion begins with a vulnerable computer becoming infected. Once settled in, the malware hides and encrypts your personal stuff such as documents and pictures. Next, a dialog box opens that says something along the lines of “Gimmie your wallet or you will never see your data again!” I think we will be seeing more of this in the coming months.

We have recently seen a huge upsurge in a ransomware called “Antivirus System Pro” or “Antivirus Live.” This little booger will change the settings of Internet Explorer so that you cannot browse to any site other than the “Antivirus Live” site, where you can purchase the program. It essentially ransoms the normal use of your computer until you purchase the program.

Another kind of ransomware declares that it will destroy one data file every 30 minutes unless you send some money to a specified account via Western Union. Another one will release data back to the victim only if the victim purchases something from a specified Web site that is usually located in Russia.

There is no magic formula to avoid ransomware extortion. A lot of this stuff used to be transmitted via Facebook and Myspace messages and the victims were generally younger users who do risky things such as downloading “free” (but very illegal) music or visiting websites that mom would not approve of. However, we have seen a dramatic rise in older folks getting infected. We recently sold a new computer to an older client and she got herself infected within 5 minutes of hooking the computer up to the internet. We have examined the system and are at a complete loss to explain how she got infected.

My advice to you now is what it always has been: Keep your operating system up-to-date by running Windows Update. You should also visit and make sure you have the latest version of Adobe Flash and Adobe Acrobat Reader. Oh, and don’t ever neglect your antivirus software. If you don’t have some, get some. And, for crying out loud, please back up your important data immediately. The criminals know you are being irresponsible with your data and take full advantage of that. Don’t let them!
