Sophos has warned of the new Zippo Trojan. The Trojan encrypts the user’s computer files, including Word documents, databases and spreadsheets, and then demands a $300 ransom to reveal the password.


Sophos has warned of the new Zippo Trojan. The Trojan encrypts the user’s computer files, including Word documents, databases and spreadsheets, and then demands a $300 ransom to reveal the password.

The Trojan searches for the files on the user’s computer and then moves them into password-encrypted ZIP files. The Trojan creates another file which informs the user on how they have to pay $300 to an E-Gold account to get the password and recover their files.

Graham Cluley, senior technology consultant for Sophos, said: “The Zippo Trojan horse is bold as brass, scooping up your valuable data and locking it away until you agree to pay the ransom to the criminals who have “kidnapped” your files. Companies who have made regular backups may be able to recover easily, but less diligent businesses may be in a quandary about whether to cough up the cash.” [Source]

Sophos experts believe that they have uncovered the password. According to them, the password is “C:Program FilesMicrosoft Visual StudioVC98″.

Graham Cluley said: “So there should be no need for anyone unfortunate enough to have suffered from this ransomware attack to have to pay the reward to the criminals behind it. It looks like this password was deliberately chosen by the Trojan’s author in an attempt to fool analysts into thinking it was a directory path instead.” [Source]

For more information on the Zippo Trojan, Source.

 

 

 

 

Sharing is caring