Help - Search - Members - Calendar
Full Version: Worm encrypts your data and asks for ransom
Dumpshock Forums > Discussion > Shadowrun
Backgammon
QUOTE

Trojan holds computer files to ransom

    * 14:15 25 May 2005
    * NewScientist.com news service
    * Duncan Graham-Rowe

Security experts warned on Tuesday of a new type of threat to computer users called “ransom-ware” - malicious code which tries to extort money from users by encoding files on their machines and holding them to ransom.

The new exploit was discovered by San Diego-based company Websense when a corporate client received a demand for $200 for the digital keys to unlock their data.

The malicious code was traced back to a corrupted website. It took advantage of a vulnerability in the victim’s web browser, which allowed the code embedded in the website to run automatically on the user’s PC.

Once it has infected a computer, the program - a type of Trojan called Pgpcoder - searches the victim’s hard drive for 15 common file types to encode, including Word, Excel documents and stored web pages.
Electronic extortion

A note then appears on the victim’s screen demanding money for the decoder, with details of an electronic account and a contact email address. “It’s just another version of extortion,” says Dan Hubbard, director of security and defence at Websense. But the attack appears to be isolated and fortunately the encoding algorithm was not particularly sophisticated, he adds.

After studying the algorithm, Joe Stewart, a computer security consultant with Chicago-based Lurhq, was quickly able to reverse-engineer it and build a decoder to recover the data. He says it was trivial to decode, although the Trojan’s name - Pgpcoder - misleadingly suggests it harnesses the extremely secure encryption software, PGP.

But the danger now is that, instead of using easily decodable algorithms, virus writers might turn to military-grade encryption systems instead. “It would be all but impossible to decrypt the files,” says Stewart. This in itself may be terrifying enough to cause some people to pay up.


Seems like the kind of thing deckers would do!
Demosthenes
Yeah...
But you'd want to be really careful (as a decker, as well as IRL) about how you protect your identity when you go to collect.
It'd suck if Joe Corp used your extortion data to track you down and ram a black hammer prog down your datajack...
kryton
Maybe it's there to point fingers at a completely unrelated party? Say someone the programmer has rival against. This could be a hacker pointing to an individual who owes him or her money ect. It would be ironic if the account pointed to a Swiss account tied to the military or a military/governmental official. Just because the virus points to you doesn't mean you wrote the code.

Hopefully the coder got rid of the source code and riped his HD's free space.
Wounded Ronin
Wouldn't it be relatively easy to catch someone who tries to get in contact with you like that?

By the way, I think that we should set up a special Federal office to take people who write viruses and throw them into the cage at the next UFC, so that they can throw pathetic computer geek punches against someone like Tank Abbot. And we give Tank Abbot tartar sauce so he can eat them.
Jrayjoker
QUOTE (Wounded Ronin)
By the way, I think that we should set up a special Federal office to take people who write viruses and throw them into the cage at the next UFC, so that they can throw pathetic computer geek punches against someone like Tank Abbot. And we give Tank Abbot tartar sauce so he can eat them.

Thanks for the image.

If the hacker had any real skill he (and I am assuming it was a he) would have been able to do more damage and used a real algorythm.

And $200? WTF?
wagnern
Perhaps they should treat virius production like what it is, vandalism.

"Lets see, your little virus shut down 250 thousand computers and destroyed all data on them, now if we estimate each one of these down computers cost two days of work#, and the employees produce 100 dollars an hour for the employer*, that adds up to . . . -wow, thats a lot of zeros- . . . 50 million dollars of damages. And that dosen't even include damages to indivisuals computers."

#random figure from my head. I imagine some would be up in working in minutes with little lost because of backups, and some would be down for a while and lost their backups so they had to begin a lot a work from scratch.
*That is what me and my fellow chemist are charged out to our clients at.

of corse the problem is catching the scum.

I hope noone ever caves to someone with this kind of plan. If it works wonce, they will do it agian. Take the Isralie aproach to ransoms.
Edward
I don’t think the vandalism laws (listed under destruction of property in Australia) scale to that kind of level. In fact I can’t think of a way to do mor than about 100k worth of damage without being guilty of something worse than destruction of property, be it auto theft, arson, stealing, terrorism.

Edward
Kyuhan
I know a few individuals who, if given a ransom like this, would instead invest their resources into finding the fools who highjacked'em...and then they'd make sure said fools would never again be able to use their hands for anything more than gesturing to their preferred liquid meals, forget typing.

However kryton has a point about framing others, in that light, this mindset would be bad.
Nikoli
That mindset is often bad. Satisfying when properly applied, but still very bad.
Wounded Ronin
QUOTE (Nikoli)
That mindset is often bad. Satisfying when properly applied, but still very bad.

Save the script kiddies?
hyzmarca
QUOTE (Edward)
I don’t think the vandalism laws (listed under destruction of property in Australia) scale to that kind of level. In fact I can’t think of a way to do mor than about 100k worth of damage without being guilty of something worse than destruction of property, be it auto theft, arson, stealing, terrorism.

Edward

Give me a box cutter and take me to the Louvre. I'll show you how you can do 100k+ damage without being guilty of anything else.

That would actually be an interesting run. An argry artist or art collector paying some runners to publicly deface a priceless painting.
Wounded Ronin
QUOTE (hyzmarca)
QUOTE (Edward @ Jun 1 2005, 05:14 PM)
I don’t think the vandalism laws (listed under destruction of property in Australia) scale to that kind of level. In fact I can’t think of a way to do mor than about 100k worth of damage without being guilty of something worse than destruction of property, be it auto theft, arson, stealing, terrorism.

Edward

Give me a box cutter and take me to the Louvre. I'll show you how you can do 100k+ damage without being guilty of anything else.

That would actually be an interesting run. An argry artist or art collector paying some runners to publicly deface a priceless painting.

And then anally dominate them with DNA evidence after the fact. I'll bet that in the heat of the moment a lot of the players would forget that using bodily secretions on a painting really isn't a good idea.
nezumi
Errr... I think he was talking about slashing up the paintings, not bleeding on them, in which case bodily secretions shouldn't come into play unless you secrete box cutters.
Kagetenshi
What we need are some more old-school viruses. Screw holding drives for ransom, random devastation or subtle long-term data loss is what it's really all about.

It's so sad seeing things get commercialized like this.

~J
Wounded Ronin
QUOTE (nezumi)
Errr... I think he was talking about slashing up the paintings, not bleeding on them, in which case bodily secretions shouldn't come into play unless you secrete box cutters.

I dunno, the ultimate way to deface the Mona Lisa would be to ejaculate on her face, yes?
nezumi
*chuckle* That would be pretty theatrical, but I can't imagine ANY running group that'd be willing to take quite that sort of a job.

I'm going to be laughing about that one for a while, though...
SkeevePlowse
Well, you can't forget the ever-popular 'set it on fire and then pee it out'.
Chibu
QUOTE (Kagetenshi)
What we need are some more old-school viruses. Screw holding drives for ransom, random devastation or subtle long-term data loss is what it's really all about.

It's so sad seeing things get commercialized like this.

~J

you said it. People are now writing for braging writes. And that pisses me off. if i get a virus that someome made as a test of skill, fine by me, however, if it's for braging, or for destruction, i will hunt them down and they will not be happy about it ^-^.

And, the encryption worm, looks more like a test of someone's skill, and not wonton destruction. I think it was pretty neet.
Kagetenshi
What we really need is another virus that will play us German folk tunes at random intervals.

~J
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012