0

You may not be a big fan of Microsoft, but you wouldn't expect your computer to be held to ransom by the company would you?

In recent months it has become quite commonplace, at least across Europe, for scammers posing as Microsoft technical support staff to 'cold call' people on their landlines and warn them that their computers have become infected with some nasty malware and offer to walk them through the solution to rid them of this imaginary infection, for a fee of course. They get you to visit a link that gives them control over your computer, and an opportunity to install the scareware software that shows your computer is infected while at the same time, ironically, infecting your computer with more malware, Trojans etc.

DaniWeb has been warned about the existence of a new twist on the Microsoft malware theme in the form of a new ransomware Trojan which claims to be an official Microsoft alert. The Trojan, which has been named Ransom.AN, informs the user that their copy of Windows is unlicensed and therefore illegal before threatening not only prevent access to their computer, but also erase data and prosecute the user if a specific activation code is not entered within 48 hours. The Trojan threatens users that the relevant law enforcement agencies have been handed your IP address, and offers to withdraw the pending prosecution upon payment of 100 Euros.

Currently it would appear that Ransom.AN is only targeting German speaking users, but that could well change very quickly as is often the case with this type of scam so keep your eyes open for it. PandaLabs, which alerted DaniWeb to the ransomware, warns that the malware is being spread through both spam and P2P download channels. "These types of Trojans are very dangerous because once they infect the computer it is extremely difficult to remove manually, forcing users to pay the ransom or reformat their devices" says Luis Corrons, technical director of PandaLabs.

The 'activation code' for anyone unlucky enough to get caught by this con is available free of charge from PandaLabs .

Attachments windowsransom.jpg 23.98 KB

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

5
Contributors
9
Replies
30
Views
5 Years
Discussion Span
Last Post by caperjack
0

DaniWeb has been warned about the existence of a new twist on the Microsoft malware theme in the form of a new ransomware Trojan which claims to be an official Microsoft alert. The Trojan, which has been named Ransom.AN, informs the user that their copy of Windows is unlicensed and therefore illegal before threatening not only prevent access to their computer, but also erase data and prosecute the user if a specific activation code is not entered within 48 hours. The Trojan threatens users that the relevant law enforcement agencies have been handed your IP address, and offers to withdraw the pending prosecution upon payment of 100 Euros.

I remember this incident because I saw it on ABC. I don't think it got that far to the states.

0

Rule one - never accept unsolicited phone or email contacts with people you don't know.
Rule two - see rule one...
Rule three - keep your A/V and malware detection software updated.
Rule four - only use known suppliers for A/V and malware detection software.
Rule five - sometimes all of this doesn't work to keep you safe - make a backup of your system on a regular basis, and your data.

0

I remember this incident because I saw it on ABC. I don't think it got that far to the states.

it still active ,we still get calls here in Canada , " hi im from microst and you have a virus on you computer that need fixing so let me in and i can clean it up for you, just need to drop this trojan on your computer and then get you paypall acct or you credit card number " you know what i say to hi ,i would tell you but i might get Banned from daniweb , customers of mine still fall for it ,lates one just last month

Edited by caperjack

0

you know what i say to hi ,i would tell you but i might get Banned from daniweb , customers of mine still fall for it ,lates one just last month

I feel sorry for customers. It must something very inappropriate that you said to hi.

Doesn't most email account have spam active so all email get filter.

I'm not sure or familiar with this.

0

I feel sorry for customers. It must something very inappropriate that you said to hi

Doesn't most email account have spam active so all email get filter.

inappropriate ! he called me trying to scam me ,why would i say something aproriate to him.

my email program as junk email filter,getting email scamms ,that i can cope with , iam talkning about a phine call to my house ,that i deal with by making inapproate comments ,lol

0

inappropriate ! he called me trying to scam me ,why would i say something aproriate to him.

OK, my bad I misread what you wrote.

my email program as junk email filter,getting email scamms ,that i can cope with , iam talkning about a phine call to my house ,that i deal with by making inapproate comments ,lol

LOL I get it now.

You mean those annoying telemarketer phone calls trying to convince you to buy things.

0

You mean those annoying telemarketer phone calls trying to convince you to buy things.

sort of ,they say there are from Microsoft and tell me/people i/they have a virus on your computer and try to convince people to allow control to the desktop ,by going to a certin web page and downloading the tool to do so ,and the tool is a virus and then they convince people to give credit card to pay to fix the virus ,bottom line its a scam and if you go along with it they win ,and never fix you computer ,so it cost you ,
i am not dumb enough to do this but i have customers who do ,the trick of it is they say they are from Microsoft and people believe them

0

ahhh, working for Microsoft Tech Support, we get lots of calls asking us to fix their computers simply because "we" called them up and put it there in the first place. When I try and explain that they were scammed, they again blame us for not doing anything about it. Just dandy...

0

ahhh, working for Microsoft Tech Support, we get lots of calls asking us to fix their computers simply because "we" called them up and put it there in the first place. When I try and explain that they were scammed, they again blame us for not doing anything about it. Just dandy...

I tell them that micrcosoft would have no idea whats on there computer ,anf quit frankly im sure they could care less either and do you really think that they go around calling the millions of people who own a computer

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.