Network News

X My Profile
View More Activity

Cyber Extortion Meets the Desktop

In what could be a harbinger of the next big fad in online crime, Internet scammers are now trying to extort money from Microsoft Windows users by scrambling text files on victims' PCs and then requesting payment for a computer program needed to decode the documents.

According to a disturbing report published today by Websense Security Labs, scam artists are using known security flaws in Internet Explorer to seize control over any text files found on their victims' computers. Those files are then scrambled using an encryption scheme controlled by the attackers, rendering the files unreadable and useless to the victim unless he or she pays for a decoder program by depositing $200 in the attackers' e-Gold account, an online currency that operates outside of the regulatory and legal controls of the U.S. financial system.

The attack leverages an IE security hole that Microsoft released a patch for last July (ironically, the flaw resides in an IE "help" feature).

Think most people using Windows would have sense enough to apply Microsoft patches at least once a year? Think again. Some of the most prolific viruses and worms circulating the Internet these days infiltrate machines using Windows security flaws that are more than a year old. If you're not up to date, visit Windows Update and install any security patches it says your computer is lacking.

By Brian Krebs  |  May 23, 2005; 3:56 PM ET
Categories:  Latest Warnings  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Gutting the Phish
Next: International Effort Urges ISPs to Guard Against "Spam Zombies"

No comments have been posted to this entry.

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company