You may not be a big fan of Microsoft, but you wouldn't expect your computer to be held to ransom by the company would you?
In recent months it has become quite commonplace, at least across Europe, for scammers posing as Microsoft technical support staff to 'cold call' people on their landlines and warn them that their computers have become infected with some nasty malware and offer to walk them through the solution to rid them of this imaginary infection, for a fee of course. They get you to visit a link that gives them control over your computer, and an opportunity to install the scareware software that shows your computer is infected while at the same time, ironically, infecting your computer with more malware, Trojans etc.
DaniWeb has been warned about the existence of a new twist on the Microsoft malware theme in the form of a new ransomware Trojan which claims to be an official Microsoft alert. The Trojan, which has been named Ransom.AN, informs the user that their copy of Windows is unlicensed and therefore illegal before threatening not only prevent access to their computer, but also erase data and prosecute the user if a specific activation code is not entered within 48 hours. The Trojan threatens users that the relevant law enforcement agencies have been handed your IP address, and offers to withdraw the pending prosecution upon payment of 100 Euros.
Currently it would appear that Ransom.AN is only targeting German speaking users, but that could well change very quickly as is often the case with this type of scam so keep your eyes open for it. PandaLabs, which alerted DaniWeb to the ransomware, warns that the malware is being spread through both spam and P2P download channels. "These types of Trojans are very dangerous because once they infect the computer it is extremely difficult to remove manually, forcing users to pay the ransom or reformat their devices" says Luis Corrons, technical director of PandaLabs.
The 'activation code' for anyone unlucky enough to get caught by this con is available free of charge from PandaLabs .