‘Net scam locks file, charges ransom

WASHINGTON – The latest threat to computer users doesn’t destroy data or steal passwords – it locks up a person’s electronic documents, effectively holding them hostage, and demands $200 over the Internet to get them back.

Security researchers at San Diego-based Websense Inc. uncovered the unusual extortion plot when a corporate fell victim to the infection, which encrypted files that included documents, photographs and spreadsheets.

A ransom note left behind included an e-mail address, and the attacker using the address later demanded $200 for the digital keys to unlock the files.

“This is equivalent to someone coming into your home, putting your valuables in a safe and not telling you the combination,” said Oliver Friedrichs, a security manager for Symantec Corp.

The FBI said the scheme was unlike other Internet extortion crimes. Leading security and antivirus firms this week were updating protective software for companies and consumers to guard against this type of attack, which experts dubbed “ransom-ware.”

The latest danger adds to the risks facing beleaguered Internet users, who must increasingly deal with categories of threats that include spyware, viruses, worms, phishing e-mail fraud and denial of service attacks.

Ed Stroz, a former FBI agent who now investigates computer crimes for corporations, said the relatively cheap ransom demand – only $200 – probably was deliberately low to encourage victims to pay rather than call police and to discourage law enforcement from assigning these cases a high priority.

“That’s a very powerful threat,” Stroz said. “If somebody encrypted your files, you need this stuff now to do your work.”

Experts said the Web site where the infection originally spread had been shut down. They also said the hacker’s demand for payment might be his weakness, since bank transactions can be traced easily.