The antivirus experts at CA have stumbled upon a new trojan horse in the “ransomware” category. That’s the category for software that will demand a ransom, as the name implies.
This Russian trojan horse appears to be a download manager called “uFast Download Manager”. Once you launch it, a message will inform you that you’ve violated the terms of this application and it has disconnected you from the Internet.
If you want to get back online, you have to send a text message (SMS) which will charge you a certain amount of money. You will get a message back, containing the verification code you will need to enter to once again get Internet access.
CA has created an utility that will generate the verification code for you, so you don’t have to pay for the text message. For more information you can search for “Win32/RansomSMS.AH” which is the name for this new trojan, or click here.
Very interesting virus.i especially liked the part where you have to send a sms to clear. wonder how it works. any way im safe using linux. 😀
.-= Ramkumar´s last blog ..Password Manager for Chrome =-.
I guess it’s just like when ordering ringtones and other stuff by sending a SMS to a certain number. The server you’re sending to will then charge you more than what a normal SMS would cost and in return, you get your ringtone (or in this case, the code needed to unlock your Internet connection).
I have some questions. What is CA and if what the Russians are doing is illegal, why doesn’t the US do anything about it?
Not sure what CA stands for, but they have 13,200 employees..
Why the US doesn’t do anything about it? Well, because this isn’t “Command & Conquer: Red Alert” 😀 Just because some Russians does something bad it doesn’t mean the US has to step in.
Besides, there are virus makers in pretty much any country around the world, I would bet.
lol, now thats a neat virus. Can’t help but admire their creativity.
Original press statement (including key generator)
http://community.ca.com/blogs/securityadvisor/archive/2009/11/30/ransomware-blocks-internet-access.aspx
Thanks – link added to the post!
Thanks for this update.
.-= John Samuel ´s last blog ..Open Link in New Tab versus Background Tab =-.
Love the way this virus does. Why doesn’t it require to send it some bucks via paypal, haha it’s a weird thought!
.-= Phaoloo´s last blog ..10+ Icon And Smiley Sets For This Christmas =-.
They’d be caught a lot quicker.
.-= Dennis Edell´s last blog ..Simons Running A Contest – Over $800 In Prizes! =-.
Looks like a new generation virus…….. More over this virus is quite wired… 🙂
.-= Sandesh´s last blog ..Make your PC faster and more security with Mr Fix =-.
Thank you Klaus for the new virus information, I think we have to be alert for it.
.-= chandan´s last blog ..Sponsored tweets- great work at home opportunity =-.
Wow who can count the federal laws being broken there.
Btw, CA = Computer Associates. #2 behind Microsoft.
.-= Dennis Edell´s last blog ..Simons Running A Contest – Over $800 In Prizes! =-.
Computer Associates – of course, I knew I had it somewhere I just couldn’t remember it 🙂 Even looked at their website but it didn’t show in any place I looked. Thanks!
REally useful update. Thanks for sharing…