How much is your data worth to you? That's the question behind ransomware, an aggressive bit of data extortion that's making some noise again.If you discovered that crucial files had been kidnapped, encrypted and held hostage by crooks who deny you access to your information unless you pay up, would you?
You say it depends on the price?
How does $120 sound? That's the question crooks hope to pose to you.
Once the ransomware -- identified as Troj/Ransom-U --is launched, and target files encrypted, the recipient receives a strongly worded "request" to read a newly delivered txt file on the desktop, then follow the instructions for getting in touch with the extortionists.
Do that, and you'll be "asked" for $120 in order to get the key to decrypting your information.
The scam targets only Windows systems, and can encrypt files with the following extensions, again according to Sophos:
.jpg, .jpeg, .psd, .cdr, .dwg, .max, .mov, .m2v, .3gp, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .rar, .zip, .mdb, .mp3, .cer, .p12, .pfx, .kwm, .pwm, .txt, .pdf, .avi, .flv, .lnk, .bmp, .1cd, .md, .mdf, .dbf, .mdb, .odt, .vob, .ifo, .mpeg, .mpg, .doc, .docx, .xls, and .xlsx.
Once a file has been encrypted, the suffix ENCODED will be added to the filename.
$120 may not sound like a lot to pay to get your data back, especially if you're in a panic over losing it, but it's a lot more than simply instructing your people just to steer clear of PDFs, and to make sure they're running the latest version of Adobe Reader, which offers some protection, for those PDFs they simply must have.