Sophos has warned of a Trojan, called Ransom-A, which prevents users from accessing their computers. The Trojan demands a ransom of $10.99 to be paid by Western Union.


Sophos has warned of a Trojan, called Ransom-A, which prevents users from accessing their computers. The Trojan demands a ransom of $10.99 to be paid by Western Union.

Once activated, the Trojan displays the following message:

“is this computer valuable. it better not be. is this a business computer. it better not be. do you keep important company records or files on this computer. you’d better hope not. because there are files scattered all over it tucked away in invisible hidden folders undetectable by antivirus sofware the only way to remove them and this message is by a CIDN number.” [Source]

The Trojan threatens to delete one file every 30 minutes until the ransom money is paid. The Trojan also explains that the CIDN number can only be obtained by making the payment via Western Union.

Graham Cluley, senior technology consultant for Sophos, said: “This Trojan horse is designed to take your data hostage, and tries to scare users into paying up quickly by threatening to wipe files one-by-one. Our concern is that this may be the beginning of a growing trend of malware designed to extort money from innocent users.

Ransomware like this underlines the importance for every computer user to make regular backups of their important data, and to defend their computers with up-to-date security software.”
[Source]

If a user tries to delete the Trojan by pressing Ctrl+Alt+Del, the following message is displayed:

“Yeah, We don’t die, We multiply! Ctrl+Alt+Del isn’t quite working today, is it? I’m not the sharpest tool in the shed but Crtl+Alt+Del is everyone’s S.O.S.” [Source]

For more information on the Trojan, click here.

 

 

 

 

Sharing is caring