WARNING: Illegal Windows alert holds users to ransom

happygeek 0 420 Views

You may not be a big fan of Microsoft, but you wouldn't expect your computer to be held to ransom by the company would you?

In recent months it has become quite commonplace, at least across Europe, for scammers posing as Microsoft technical support staff to 'cold call' people on their landlines and warn them that their computers have become infected with some nasty malware and offer to walk them through the solution to rid them of this imaginary infection, for a fee of course. They get you to visit a link that gives them control over your computer, and an opportunity to install the scareware software that shows your computer is infected while at the same time, ironically, infecting your computer with more malware, Trojans etc.

DaniWeb has been warned about the existence of a new twist on the Microsoft malware theme in the form of a new ransomware Trojan which claims to be an official Microsoft alert. The Trojan, which has been named Ransom.AN, informs the user that their copy of Windows is unlicensed and therefore illegal before threatening not only prevent access to their computer, but also erase data and prosecute the user if a specific activation code is not entered within 48 hours. The Trojan threatens users that the relevant law enforcement agencies have been handed your IP address, and offers to withdraw the pending prosecution upon payment of 100 Euros.

Currently it would appear that Ransom.AN is only targeting German speaking users, but that could well change very quickly as is often the case with this type of scam so keep your eyes open for it. PandaLabs, which alerted DaniWeb to the ransomware, warns that the malware is being spread through both spam and P2P download channels. "These types of Trojans are very dangerous because once they infect the computer it is extremely difficult to remove manually, forcing users to pay the ransom or reformat their devices" says Luis Corrons, technical director of PandaLabs.

The 'activation code' for anyone unlucky enough to get caught by this con is available free of charge from PandaLabs .

windowsransom.jpg 23.98 KB
Member Avatar for LastMitch
LastMitch

DaniWeb has been warned about the existence of a new twist on the Microsoft malware theme in the form of a new ransomware Trojan which claims to be an official Microsoft alert. The Trojan, which has been named Ransom.AN, informs the user that their copy of Windows is unlicensed and therefore illegal before threatening not only prevent access to their computer, but also erase data and prosecute the user if a specific activation code is not entered within 48 hours. The Trojan threatens users that the relevant law enforcement agencies have been handed your IP address, and offers to withdraw the pending prosecution upon payment of 100 Euros.

I remember this incident because I saw it on ABC. I don't think it got that far to the states.

Member Avatar for rubberman
rubberman 1,355 Nearly a Posting Virtuoso

Rule one - never accept unsolicited phone or email contacts with people you don't know.
Rule two - see rule one...
Rule three - keep your A/V and malware detection software updated.
Rule four - only use known suppliers for A/V and malware detection software.
Rule five - sometimes all of this doesn't work to keep you safe - make a backup of your system on a regular basis, and your data.

Member Avatar for caperjack
caperjack 875 I hate 20 Questions

I remember this incident because I saw it on ABC. I don't think it got that far to the states.

it still active ,we still get calls here in Canada , " hi im from microst and you have a virus on you computer that need fixing so let me in and i can clean it up for you, just need to drop this trojan on your computer and then get you paypall acct or you credit card number " you know what i say to hi ,i would tell you but i might get Banned from daniweb , customers of mine still fall for it ,lates one just last month

Edited by caperjack
Member Avatar for LastMitch
LastMitch

you know what i say to hi ,i would tell you but i might get Banned from daniweb , customers of mine still fall for it ,lates one just last month

I feel sorry for customers. It must something very inappropriate that you said to hi.

Doesn't most email account have spam active so all email get filter.

I'm not sure or familiar with this.

Member Avatar for caperjack
caperjack 875 I hate 20 Questions

I feel sorry for customers. It must something very inappropriate that you said to hi

Doesn't most email account have spam active so all email get filter.

inappropriate ! he called me trying to scam me ,why would i say something aproriate to him.

my email program as junk email filter,getting email scamms ,that i can cope with , iam talkning about a phine call to my house ,that i deal with by making inapproate comments ,lol

Member Avatar for LastMitch
LastMitch

inappropriate ! he called me trying to scam me ,why would i say something aproriate to him.

OK, my bad I misread what you wrote.

my email program as junk email filter,getting email scamms ,that i can cope with , iam talkning about a phine call to my house ,that i deal with by making inapproate comments ,lol

LOL I get it now.

You mean those annoying telemarketer phone calls trying to convince you to buy things.

Member Avatar for caperjack
caperjack 875 I hate 20 Questions

You mean those annoying telemarketer phone calls trying to convince you to buy things.

sort of ,they say there are from Microsoft and tell me/people i/they have a virus on your computer and try to convince people to allow control to the desktop ,by going to a certin web page and downloading the tool to do so ,and the tool is a virus and then they convince people to give credit card to pay to fix the virus ,bottom line its a scam and if you go along with it they win ,and never fix you computer ,so it cost you ,
i am not dumb enough to do this but i have customers who do ,the trick of it is they say they are from Microsoft and people believe them

Member Avatar for oalee
oalee 53 cyberkill(ed)

ahhh, working for Microsoft Tech Support, we get lots of calls asking us to fix their computers simply because "we" called them up and put it there in the first place. When I try and explain that they were scammed, they again blame us for not doing anything about it. Just dandy...

Member Avatar for caperjack
caperjack 875 I hate 20 Questions

ahhh, working for Microsoft Tech Support, we get lots of calls asking us to fix their computers simply because "we" called them up and put it there in the first place. When I try and explain that they were scammed, they again blame us for not doing anything about it. Just dandy...

I tell them that micrcosoft would have no idea whats on there computer ,anf quit frankly im sure they could care less either and do you really think that they go around calling the millions of people who own a computer

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Edit Preview