iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Zippo Trojan Choose Extortion For $300
Search:
[ news_security_news ]

Zippo Trojan Choose Extortion For $300



John Stith
Staff Writer
2006-03-16

SecurityProNews: Insider Reports Insider Reports RSS Feed


A new virus called the Zippo Trojan is floating about the net and is demanding $300 to unencrypt data it claims to have stolen and encrypted. The Trojan goes through a user's files and moves them into a password protected zip file.

The files it might grab include Word documents, databases and spreadsheets. Once it gets them, it zips them and creates a second file telling the user about paying the $300 to an E-Gold account to recover the data.

The kids across the pond at Sophos decided they didn't particularly like the new Trojan and so decided to release the password for the program. At the very least, the virus folks will need to come up with a new password and redistribute the malware.

"The Zippo Trojan horse is bold as brass, scooping up your valuable data and locking it away until you agree to pay the ransom to the criminals who have "kidnapped" your files. Companies who have made regular backups may be able to recover easily, but less diligent businesses may be in a quandary about whether to cough up the cash," said Graham Cluley, senior technology consultant for Sophos.

"In the old days malware was typically written by teenagers who wanted to show off to their mates. Now most of the viruses and Trojan horses we see are being written with the intention of making money from innocent internet users. The attacks are becoming more organized and more malicious, and every computer needs to be properly defended.

"Experts at Sophos have disassembled the Zippo Trojan and determined that the password it uses to encrypt data is C:Program FilesMicrosoft Visual StudioVC98," continued Cluley. "So there should be no need for anyone unfortunate enough to have suffered from this ransomware attack to have to pay the reward to the criminals behind it. It looks like this password was deliberately chosen by the Trojan's author in an attempt to fool analysts into thinking it was a directory path instead."

In any event, users should still keep their operating systems and security software updated. Remember to check on both Windows and Mac patches as both had updates on Tuesday.


Get all the updates - click this link:

Add to | DiggThis| Yahoo My Web



Tag:


About the Author:
John is a staff writer for SecurityProNews covering cyber security.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds