Malware Alert: Two New Ransomware Variants Currently In Circulation

Gallery Icon

bill-swift - April 13, 2012

Ransomware is a form of malware that takes your computer hostage. It works by restricting access to the computers it infects, and can only be removed once the user pays a ransom amount to the malware's creator. 

On a related note, security researchers from TrendMicro, F-Secure and Dr. Web have reported that two new ransomware variants are currently circulating on the web.

One of the new variants is comparable to a previous release that infects the computer's the Master Boot Record (MBR). This prevents the operating system from booting up and instead restarts the PC once its executed. A ransom message requesting payment for the unlock code is then displayed on the screen.

F-Secure and Dr. Web were also able to intercept another identical ransomware variant. Upon execution, the files on the computer are encrypted by adding a .EnCiPhErEd file extension. Users are then given five attempts to enter the unlock code before the malware will delete itself and leave the files on the PC encrypted.

Attention! All your files are encrypted! You are using unlicensed programms! To restore your files and access them, send code Ukrash or Paysafecard nominal value of EUR 50 to the email You have 5 attempts to enter the code. If you exceed this of all data irretrievably spoiled. Be careful when you enter teh code!

-- Ransomware ransom text

Ransomware is spread through the same channels as most computer viruses, so don't click any links or download any files that seem shady or aren't verified.

Article by Hazel Chua
Gigadgetry: Cool Gadgets, Tech News, Quirky Devices

Tagged in: gear ,

Disclaimer: All rights reserved for writing and editorial content. No rights or credit claimed for any images featured on unless stated. If you own rights to any of the images because YOU ARE THE PHOTOGRAPHER and do not wish them to appear here, please contact us info(@) and they will be promptly removed. If you are a representative of the photographer, provide signed documentation in your query that you are acting on that individual's legal copyright holder status.