02 Nov 2012
Ransomware that encrypts users’ data has been around for quite a while under various pretexts: illegal downloads via torrent, the alleged presence of pornography on the user’s computer and so on. A new breed of ransomware, however, is using the image of the “Anonymous Hackers Group” to pressure people into paying money in exchange for getting their data back.
According to the team at abuse.ch who discovered the e-threat, the new piece of ransomware has a lock screen that reads “Your computer has been hacked by the Anonymous Hackers Group and locked for the moment. All files have been encrypted. You need to pay a ransom of £100 within 24 hours to restore the computer back to normal.”
It is unclear whether the hacktivist team at Anonymous is responsible for the incident or whether this is just the work of a smaller team trying to capitalize on the image of the world’s most famous hacking crew at the moment.
“If the ransom is not paid on time all the contents of your computer will be deleted and all your personal information such as your name, address, D.O.B., etc. will be published online, after this has been done the process, ram and motherboard will be fried. Any attempts to remove this virus will result in the consequences mentioned,” warns the lock screen.
The funds are to be sent via UKash, a UK-based service that moves pre-paid credit from one owner to another in an untraceable manner, making it extremely difficult for law enforcement to follow the money trail to the attacker.
Since ransomware usually encrypts data using strong algorithms, there is no way to circumvent the mechanism and restore the data to its initial state without paying the ransom. One way users can avoid the trouble is to install an antivirus solution that intercepts and removes ransomware as soon as it attempts to encrypt the system.