- WASHINGTON - The latest threat
to computer users doesn't destroy data or steal passwords - it locks up
a person's electronic documents, effectively holding them hostage, and
demands $200 to get them back.
-
- Security researchers at San Diego-based Websense uncovered
the unusual extortion plot when a corporate customer they would not identify
fell victim to the infection, which encrypted files that included documents,
photographs and spreadsheets.
-
- A ransom note left behind included an e-mail address,
and the attacker using the address later demanded $200 for the digital
keys to unlock the files.
-
- "This is equivalent to someone coming into your
home, putting your valuables in a safe and not telling you the combination,"
said Oliver Friedrichs, a security manager for Symantec. The company said
yesterday that the problem was serious but not deemed a high-level threat
because there were no indications it was widespread.
-
- The FBI said the scheme was unlike other Internet extortion
crimes. Leading security and antivirus firms this week were updating protective
software for companies and consumers to guard against this type of attack,
which experts dubbed "ransomware."
-
- "This seems fully malicious," said Joe Stewart,
a researcher at Chicago-based Lurhq, who studied the attack software. Stewart
managed to unlock the infected computer files without paying the extortion,
but he worries that improved versions might be more difficult to overcome.
-
- "You would have to pay the guy, or law enforcement
would have to get his key to unencrypt the files," Stewart said.
-
- The latest danger adds to the risks facing beleaguered
Internet users, who must increasingly deal with categories of threats that
include spyware, viruses, worms, phishing e-mail fraud and denial-of-service
attacks.
-
- In the recent case, computer users could be infected
by viewing a vandalized Web site with vulnerable Internet browser software.
The infection locked up at least 15 types of data files and left behind
a note with instructions to send e-mail to a particular address to purchase
unlocking keys. In an e-mail reply, the hacker demanded $200 be wired to
an Internet banking account.
-
- There was no reply to e-mails sent to that address Monday
by The Associated Press.
-
- Experts said the Web site where the infection originally
spread already had been shut down. They also said the hacker's demand for
payment might be his weakness, because bank transactions can be traced.
-
- Copyright © 2005 The Seattle Times Company
-
- http://seattletimes.nwsource.com/html/pe
|