Computer users already anxious about viruses and identity theft have new reason to worry: Hackers have found a way to lock up the electronic documents on your computer and then demand US$200 over the Internet to get them back.
Security researchers at San Diego-based Websense Inc uncovered the unusual extortion plot when a corporate customer they would not identify fell victim to the infection, which encrypted files that included documents, photographs and spreadsheets.
A ransom note left behind included an e-mail address, and the attacker using the address later demanded US$200 for the digital keys to unlock the files.
"This is equivalent to someone coming into your home, putting your valuables in a safe and not telling you the combination," said Oliver Friedrichs, a security manager for Symantec Corp.
The FBI said the scheme, which appears isolated, was unlike other Internet extortion crimes. Leading security and antivirus firms this week were updating protective software for companies and consumers to guard against this type of attack, which experts dubbed "ransom-ware."
"This seems fully malicious," said Joe Stewart, a researcher at Chicago-based Lurqh Corp who studied the attack software.
Stewart managed to unlock the infected computer files without paying the extortion, but he worries that improved versions might be more difficult to overcome. Internet attacks commonly become more effective as they evolve over time as hackers learn to avoid the mistakes of earlier infections.
"You would have to pay the guy, or law enforcement would have to get his key to unencrypt the files," Stewart said.
The latest danger adds to the risks facing beleaguered Internet users, who must increasingly deal with categories of threats that include spyware, viruses, worms, phishing e-mail fraud and denial of service attacks.
In the recent case, computer users could be infected by viewing a vandalized Web site with vulnerable Internet browser software. The infection locked up at least 15 types of data files and left behind a note with instructions to send e-mail to a particular address to purchase unlocking keys. In an e-mail reply, the hacker demanded US$200 be wired to an Internet banking account.
"I send programm [sic] to your email," the hacker wrote.
There was no reply to e-mails sent to that address on Monday.
FBI spokesman Paul Bresson said more familiar Internet extortion schemes involve hackers demanding tens of thousands of dollars and threatening to attack commercial Web sites, interfering with sales or stealing customer data.
Experts said there were no widespread reports the new threat was spreading, and the Web site was already shut down where the infection originally spread. They also said the hacker's demand for payment might be his weakness, since bank transactions can be traced easily.
"The problem is getting away with it -- you've got to send the money somewhere," Stewart said. "If it involves some sort of monetary transaction, it's far easier to trace than an e-mail account."
Passengers on domestic flights would not be allowed to board if their temperature is more than 37.5°C or if they refuse to have their temperatures taken, Uni Air (立榮航空) and Mandarin Airlines (華信航空) said yesterday. The two airlines made the announcement after their parent companies — EVA Airways (長榮航空) and China Airlines (CAL, 中華航空) respectively — announced similar pre-boarding requirements on Saturday, along with a requirement that passengers wear masks during their flights, except when they have meals or drinks. Uni Air and Mandarin Airlines said domestic passengers would be required to wear masks from the time they start using self-help
CASE COUNT RISES: One of the new domestic cases is a nurse at a long-term care center, but so far tests on all the residents and other staff have been negative Flight transits through all Taiwanese airports would be banned for two weeks, starting tomorrow, the Central Epidemic Command Center (CECC) said yesterday as it announced 16 new confirmed cases of COVID-19, bringing the nation’s total to 169. Minister of Health and Welfare Chen Shih-chung (陳時中), head of the center, said all flight transits would be banned through April 7. In light of the rapidly increasing number of imported COVID-19 cases, there was a need to further reduce cross-border travel and the risk of disease transmission, the center said. The Civil Aeronautics Administration has informed airlines about the new measures, and anyone who has
A public health expert yesterday warned that too many people are meeting in small groups in coffee shops and restaurants without keeping a proper distance from one another, as he urged the government to loosen the criteria for testing young Taiwanese returning from abroad for COVID-19. People need to keep a social distance of at least 2m, National Taiwan University (NTU) College of Public Health dean Chan Chang-chuan (詹長權) said as the college presented its seventh weekly report on COVID-19 at a morning news conference. More than 300,000 confirmed cases of the virus have been reported in more than three-quarters of all
TWEET CONFIRMED: The US’ Morgan Ortagus backed up Taiwan, saying China only admitted that human-to-human transmission was possible as late as Jan. 20 Taiwan warned the WHO and China about possible human-to-human transmission of the new coronavirus at the end of last year, but the global health body did not make it public, the Ministry of Foreign Affairs said yesterday. Department of International Organizations Director-General Bob Chen (陳龍錦) made the remark at a news briefing in Taipei, when asked about statements made by US Department of State spokeswoman Morgan Ortagus. “Dec. 31— that’s the same day Taiwan first tried to warn WHO of human-human transmission. Chinese authorities meanwhile silenced doctors and refused to admit human-human transmission until Jan. 20, with catastrophic consequences,” Ortagus wrote on