Ransomware: Show me the money!

"Name and Fame" were once the driving factor for writing viruses, but that's not what malware authors of today are driven by.

Money talks and today's generation of malware authors are finding newer ways to indulge in cyber crime. From selling time on bot nets, to spam and phishing or extortion via DDOS attacks, cyber criminals are now targeting home consumers via the re-emergence of a threat called "Ransomware".

Ransomware dates back to 1989, when the "PC CYBORG / AIDS Information Trojan", posing to provide information about the AIDS virus, was the first malware to be classified as ransomware.

This type of malware encrypts important files on the victim's computer, holding them as ransom until the victim agrees to the attackers demands. A typical ransom demand could be anything from transferring money online to an attacker's account or purchasing pharmaceutical drugs from an affiliate website.

After a lull, the past couple of months has seen a rash of ransomware variants including GPCoder, CryZip, MayArchive that attempt to extort money from its victims by encrypting their document files.

Users typically get infected when visiting pornographic, questionable or unsafe sites, but in a recent incident, a specially crafted Microsoft Word document was mass spammed that then attempted to download and install ransomware. With cyber criminals improving upon their distribution techniques with every new variant, it is more important than ever that users  not trust seemingly familiar or safe files particularly when received via P2P clients, IRC, email or other media.

We strongly recommend that users who have fallen victim to ransomware not give in to the demands of the malware authors as this will further fuel the money trail.