New Trojan Horse Could Take Your Internet Connection Hostage

by Klaus on December 3, 2009

in Tech News, Virus

computer-virusThe antivirus experts at CA have stumbled upon a new trojan horse in the “ransomware” category. That’s the category for software that will demand a ransom, as the name implies.

This Russian trojan horse appears to be a download manager called “uFast Download Manager”. Once you launch it, a message will inform you that you’ve violated the terms of this application and it has disconnected you from the Internet.

If you want to get back online, you have to send a text message (SMS) which will charge you a certain amount of money. You will get a message back, containing the verification code you will need to enter to once again get Internet access.

CA has created an utility that will generate the verification code for you, so you don’t have to pay for the text message. For more information you can search for “Win32/RansomSMS.AH” which is the name for this new trojan, or click here.


{ 14 comments… read them below or add one }

Ramkumar December 3, 2009 at 02:30

Very interesting virus.i especially liked the part where you have to send a sms to clear. wonder how it works. any way im safe using linux. 😀
.-= Ramkumar´s last blog ..Password Manager for Chrome =-.

Klaus @ TechPatio December 3, 2009 at 10:23

I guess it’s just like when ordering ringtones and other stuff by sending a SMS to a certain number. The server you’re sending to will then charge you more than what a normal SMS would cost and in return, you get your ringtone (or in this case, the code needed to unlock your Internet connection).

Adrian Gonzalez December 3, 2009 at 05:20

I have some questions. What is CA and if what the Russians are doing is illegal, why doesn’t the US do anything about it?

Klaus @ TechPatio December 3, 2009 at 10:25

Not sure what CA stands for, but they have 13,200 employees..

Why the US doesn’t do anything about it? Well, because this isn’t “Command & Conquer: Red Alert” 😀 Just because some Russians does something bad it doesn’t mean the US has to step in.

Besides, there are virus makers in pretty much any country around the world, I would bet.

Martin December 3, 2009 at 09:01

lol, now thats a neat virus. Can’t help but admire their creativity.
Original press statement (including key generator)

Klaus @ TechPatio December 3, 2009 at 10:25

Thanks – link added to the post!

John Samuel December 3, 2009 at 11:18

Thanks for this update.
.-= John Samuel ´s last blog ..Open Link in New Tab versus Background Tab =-.

Phaoloo December 3, 2009 at 11:34

Love the way this virus does. Why doesn’t it require to send it some bucks via paypal, haha it’s a weird thought!
.-= Phaoloo´s last blog ..10+ Icon And Smiley Sets For This Christmas =-.

Dennis Edell December 4, 2009 at 21:46

They’d be caught a lot quicker.
.-= Dennis Edell´s last blog ..Simons Running A Contest – Over $800 In Prizes! =-.

Sandesh December 3, 2009 at 18:10

Looks like a new generation virus…….. More over this virus is quite wired… 🙂
.-= Sandesh´s last blog ..Make your PC faster and more security with Mr Fix =-.

chandan December 4, 2009 at 08:28

Thank you Klaus for the new virus information, I think we have to be alert for it.
.-= chandan´s last blog ..Sponsored tweets- great work at home opportunity =-.

Dennis Edell December 4, 2009 at 21:47

Wow who can count the federal laws being broken there.

Btw, CA = Computer Associates. #2 behind Microsoft.
.-= Dennis Edell´s last blog ..Simons Running A Contest – Over $800 In Prizes! =-.

Klaus @ TechPatio December 5, 2009 at 23:32

Computer Associates – of course, I knew I had it somewhere I just couldn’t remember it 🙂 Even looked at their website but it didn’t show in any place I looked. Thanks!

rijans February 13, 2011 at 05:24

REally useful update. Thanks for sharing…


Previous post:

Next post: