Saturday, January 31, 2009

Ransomware

Ransomware is software that denies you access to your files until you pay a ransom.

In the past, malicious software typically corrupted or deleted data, but now it can hold your data hostage instead. For example, the Archiveus Trojan copies the contents of “My Documents” into a password-protected file and then deletes the original files. It leaves a message telling you that you require a 30-character password to access the folder, and that you will be sent the password if you make purchases from an online pharmacy.

In that case, as in most ransomware so far, the password or key is concealed inside the Trojan’s code and can be retrieved by virus analysts. However, in the future hackers could use asymmetric or public-key encryption, which uses one key to encrypt the data, but another to decrypt it, so that the password would not be stored on your computer.

In some cases, the threat to deny access is sufficient. For example, the Ransom-A Trojan threatens to delete a file every 30 minutes until you pay for an “unlock code” via Western Union. If you enter an incorrect unlock code, the Trojan warns that the computer will crash after three days. However, the threats are a bluff, as Ransom-A is not capable of doing these things.

Sophos.com
