New Tool for File Encrypting Trojan

Today’s malware public service message is brought to you by the folks at Symantec. The company is also offering a free tool for anyone that has been hit by this new Trojan.

Quote:

Trojan.Ramvicrype is a little different from most other Ransomware programs we’ve seen in the past. Typically these kinds of threats display a message prompting users to visit a certain Web page or email a specific address. Users will end up paying the online criminals in exchange for keys that can be used to unlock the computer or decrypt the encrypted files.

This is the future of viruses.

Time to start ordering death sentences for convicted trojan writers.
It might not deter them, but it would make us sysadmins feel better for dealing with these idiots.

Quote:

Trojan.Ramvicrype does not make a direct demand for cash in return for keys. How are they making their money here? It turns out that entering the term ‘vicrypt’ into a search engine leads us to a company offering a fix, which of course is a charged service. So, there was a reason for that file extension after all.

I bet it was a Russian website.

What ever happened to good old fashioned stealing credit card numbers?

hmm im starting to think symantec, makes these damn things...


i had to deal with a trojan on a staff members machine today that shut down the computer if you attempted to remove it.... nasty little blighter, had to pull a trick to turn it off and shut down the machine at the same moment so the program didnt have time to "fix" itself, that pretty much got rid of it...However after dealing with that little "problem" i ran into a new one where any exe file ran from double clicking would bring up the "Open With" menu.... at that point i formatted it.

Quote:

Originally Posted by Flakes

hmm im starting to think symantec, makes these damn things...


i had to deal with a trojan on a staff members machine today that shut down the computer if you attempted to remove it.... nasty little blighter, had to pull a trick to turn it off and shut down the machine at the same moment so the program didnt have time to "fix" itself, that pretty much got rid of it...However after dealing with that little "problem" i ran into a new one where any exe file ran from double clicking would bring up the "Open With" menu.... at that point i formatted it.

I've thought for a long time that virus writers are supported by anti-virus companies. There's no need for AV if there weren't virus writers.

Quote:

Originally Posted by az_max

I've thought for a long time that virus writers are supported by anti-virus companies. There's no need for AV if there weren't virus writers.

Are you serious? I work on symantec and there is absolutely no need to "support" virus writers. There are plenty of them out there and who knows how many script kiddies that just repackage old threats.

Quote:

Originally Posted by az_max

I've thought for a long time that virus writers are supported by anti-virus companies. There's no need for AV if there weren't virus writers.

That's like saying criminals (rapists, murderers, etc) are supported by the police because they keep them employed. There's no need for the police if there weren't criminals.

Think before you speak.

gotta say symentec might not support virus/trojans, but i know if i was making money off trojans, i would work at symentec, what better way is there to be awesome at your job, and get insider code to avoid detection, untill you can look uber cool and "discover" your own trojan once youve made the desired amount of money......it makes sense and you know it.

Gotta give credit to the writers of this ransomware. Unique idea and makes you wonder how much money they've actually made from it.

However, that doesn't change the fact they need their hands broken for writing such crap. At this point I'm guessing by the end of next week I'll see this at least once at work.

Quote:

Originally Posted by Spewn

What ever happened to good old fashioned stealing credit card numbers?

why steal it when they will freely hand it over to gain access to their data

I thought this related link was funny--first time I've ever heard of "keygen" being used for something legal.

Shit.

Man its gonna suck trying to fix this, and I know someone is going to call me about this.

Quote:

Originally Posted by Techx

That's like saying criminals (rapists, murderers, etc) are supported by the police because they keep them employed. There's no need for the police if there weren't criminals.

Think before you speak.

Quote:

Originally Posted by Mrbustanut

Are you serious? I work on symantec and there is absolutely no need to "support" virus writers. There are plenty of them out there and who knows how many script kiddies that just repackage old threats.

I've thought about it for a long time, and I'm convinced they're in cahoots. Until the virus writers started making money off ads, redirects and stolen CC numbers, their only incentive was notoriety with their peers. That won't buy you the finer things in life. There had to be a money trail back to someone making money off of cleaning these threats up.

Shit like this is why I made my mom and dads computer steady state with all data saved to an isolated NAS. If shit hits the fan, reboot, if that didn't fix it, pull the hard drive out of hotswap bay six in the server and install into bay 2 of computer and reboot and let the primary drive be wiped and cloned over.