I know because I work there
A new strain of "Ransomware" that attempts to coerce victims into paying $35 to unlock their Windows PC is doing the rounds. The scam uses a variety of premium rate numbers in different countries, and UK regulator PhonePayPlus is investigating the suspected misuse of a type of premium rate line normally used for sex lines in …
...if software can take over a machine like this and lock it out, then Windows is so badly designed/flawed it should be pulled from market until it's fixed. I'm not talking about some badly behaving app, but a piece of malware that can be this incredibly destructive (from a user perspective)? Think about it, if the lock on your front door could be so easily circumvented you'd send it back for a refund or the manufacturer would do a recall.
BTW what versions of Windows are affected? Is Vista vulnerable to this? What exploits does it use? Are machines that are patched and up-to-date still affected?
it should be possible to work back from there to the issuing company, who may just be quicker to act than the folks at PhonePayPlus.
That's what I did when I was left a "call 07xxxx to arrange collection of your parcel" message on my mobile (presumably by a random dialer).
Yes it does sound dumb. Your lock on your door CAN be circumvented. Why do you think burglars can break into houses without leaving much of a trace? What mitigates any potential loss of stuff is multiple locks, sturdy doors and a burglar alarm linked to the police, as well as the usual leave lights on, etc. stuff.
The first time this trojan gets onto a US Government PC (or one owned by a government contractor), the VXers have committed a Federal 1st class felony, *and* can be declared "enemy combatants" if it happens to be a PC in the Defense industry.
No subpoena and no court order of any kind will be required for the spooks to get all the relevant data from the premium rate phone operator, and the people who are ultimately getting paid will simply be "disappeared" to some place a bit less attractive than GitMo.
While I would not hold up the CIA to be the sharpest crayons in the box, they are very, very good at doggedly following a money trail back to the people they consider to be "bad guys," and they aren't terribly gentle once those guys are found.
I think some VXers somewhere have finally made a literally-fatal error.
" A spokesman added that he wasn't aware of previous UK cases where malware has been linked to attempts to prompt users into phoning premium rate lines. "
Well, it's not quite "attempting to prompt users" into phoning premium rate lines, but premium line trojan porn diallers have been around since like forever.
Which I guess is only one more example of how the telecomms regulatory bodies are still years behind in keeping up with the latest developments in telecomms.
Re: So why is Windows so easily beaten? Why can't there be multiple layers of security to prevent these kind of hijacks?
All systems can be beaten if a user or application has enough access. Even Linux etc. Give an application root access under Linux via su and goodbye system. Why would Windows be any different? (and no I'm not a M$ fanboy).
Trojans, by their very nature, infect a computer because the user let it in, hence the name Trojan. Normally by clicking on a link, by opening attachments in unsolicited emails etc. etc. Stupid use is as stupid user does.
All people have to do is keep their anti-virus software upto date and you shouldn't get infected. And as there are perfectly good anti-virus apps out there that are completely free for home use, so there are no excuses for anyone not to have current up to date antivirus on a windowz machine. (I use Avast myself with no probs, and it's A LOT less resource hungry than Nortons etc.)
To allow an unprotected Windows based PC access to the Internet is downright irresponsible. Linux and Macs are different, as their market share is too small for anyone to bother with them, but PCs have to be protected.
As long as there is a user sat at the keyboard that can be duped into running, opening or clicking on something, the system will always be vulnerable.
"All people have to do is keep their anti-virus software upto (sic) date and you shouldn't get infected. "
Erk! Anti-virus software is always out of date. You cannot expect it to be able to cope with viruses it does not yet know about, while you merrily break every other rule in the security book. I'm surprised a Register reader doesn't know this.
Well I keep all the important stuff on mem stick, so all I would do if attacked would be reinstall Windows.
By the way Phil is on to something. I've owned McAfee, Norton anti virus and they can't hold a candle to avast plus avast is free, best anti virus I've ever had.
Put out a lot of money on McAfee and Norton when avast is superior and costs nothing.
You never know avast is there, except once in a while it tells you it has been updated.
To those folk that think it's entirely the fault of the OS:
If you download and run code whilst using administrative privileges then you can't blame the OS when the program subverts it. That's your own stupid fault.
If you download and run known malware code whilst running in userland and the program exploits vulnerabilities in the OS to gain administrative or kernel level privileges and subverts it then you *still* can't blame the OS. That's your own stupid fault for not patching (if one is available) and running anti-virus to block the known malware.
If you download and run unknown malware code whilst running in userland and the program exploits vulnerabilities in the OS to gain administrative or kernel level privileges and subverts it then you can blame the OS.
Personally I would like to try this little toy out - the article doesn't seem to mention that it encrypts your files, just "locks your desktop". I'm guessing Alt-F4, Alt-TAB, Start, Ctrl-Alt-Del, or as a last bash OFF should do the trick :o)