Welcome to the IKCEST
English
English 中文 русск français español العربية

Language

We detect your regional language is French. Do you want to change site's language to French? You may choose other languages.

International

English
中文
русск
français
español
العربية
No Change
Old Version Old Version
Mobile
Scan this QR code on your phone to browse IKCEST
Sign up Notification
LV1 10/100
User Center
My Training Class
Feedback
 Logout
Become author
ALL
ALL Expert Article Patent Conference Article Book Organization
Multilingual Search
Advanced Search
Hot Search:

Russian hacker drives hard bargain with Troldash scam
Jun 4, 2015

Source: http://www.bbc.com/news/technology-32996008

It takes around min to read this article.

Hacker illustration
Image caption The Russian hacker did not get what he or she was hoping for from the scam

A security software firm has warned about a new strain of "ransomware" - while finding that even Russian hackers can be haggled down.

Ransomware is software which locks you out of your files until a fee is paid to the criminals behind the attack.

Checkpoint researcher Natalia Kolesova detailed information about Troldash, a newly-discovered strain.

Once it infects a machine, Troldash provides an email address with which to contact the attackers.

"While the most ransom-trojan attackers try to hide themselves and avoid any direct contact," Ms Kolesova explained, "Troldesh's creators provide their victims with an e-mail address. The attackers use this email correspondence to demand a ransom and dictate a payment method."

Troldash was distributed via a spam email - and once downloaded, immediately set to work encrypting files before placing a text file of ransom instructions on the target's computer.

Posing as a victim named Olga, the researcher contacted the scam artist, and received a reply with instructions to pay 250 euros to get the files back.

Suspecting the reply was automated, Ms Kolesova pressed for a more human response, asking more details about how to transfer the money, and pleading with the hacker to not make them pay.

Responding in Russian, the scammer offered to accept 12,000 roubles, a discount of around 15%. After Ms Kolesova pleaded further, the email response read: "The best I can do is bargain."

Eventually the unknown man or woman was talked into accepting 7,000 roubles - 50% less than the first demand.

"Perhaps if I had continued bargaining, I could have gotten an even bigger discount," Ms Kolesova concluded.

Ransomware is a particularly vicious problem for many victims around the world. One strain, Cryptolocker, was said to have infected more than 250,000 computers worldwide.

Another variant locked users out of their favourite games unless they paid a fee.

The company did not pay the ransom - and recommended that up-to-date security software designed to protect against ransomware and other attacks was a better approach.

Follow Dave Lee on Twitter @DaveLeeBBC

Related Topics

Original Text (This is the original text for your reference.)

Hacker illustration
Image caption The Russian hacker did not get what he or she was hoping for from the scam

A security software firm has warned about a new strain of "ransomware" - while finding that even Russian hackers can be haggled down.

Ransomware is software which locks you out of your files until a fee is paid to the criminals behind the attack.

Checkpoint researcher Natalia Kolesova detailed information about Troldash, a newly-discovered strain.

Once it infects a machine, Troldash provides an email address with which to contact the attackers.

"While the most ransom-trojan attackers try to hide themselves and avoid any direct contact," Ms Kolesova explained, "Troldesh's creators provide their victims with an e-mail address. The attackers use this email correspondence to demand a ransom and dictate a payment method."

Troldash was distributed via a spam email - and once downloaded, immediately set to work encrypting files before placing a text file of ransom instructions on the target's computer.

Posing as a victim named Olga, the researcher contacted the scam artist, and received a reply with instructions to pay 250 euros to get the files back.

Suspecting the reply was automated, Ms Kolesova pressed for a more human response, asking more details about how to transfer the money, and pleading with the hacker to not make them pay.

Responding in Russian, the scammer offered to accept 12,000 roubles, a discount of around 15%. After Ms Kolesova pleaded further, the email response read: "The best I can do is bargain."

Eventually the unknown man or woman was talked into accepting 7,000 roubles - 50% less than the first demand.

"Perhaps if I had continued bargaining, I could have gotten an even bigger discount," Ms Kolesova concluded.

Ransomware is a particularly vicious problem for many victims around the world. One strain, Cryptolocker, was said to have infected more than 250,000 computers worldwide.

Another variant locked users out of their favourite games unless they paid a fee.

The company did not pay the ransom - and recommended that up-to-date security software designed to protect against ransomware and other attacks was a better approach.

Follow Dave Lee on Twitter @DaveLeeBBC

Related Topics

Comments

    Something to say?

    Log in or Sign up for free

    Disclaimer: The translated content is provided by third-party translation service providers, and IKCEST shall not assume any responsibility for the accuracy and legality of the content.
    Translate engine
    Article's language
    English
    中文
    Pусск
    Français
    Español
    العربية
    Português
    Kikongo
    Dutch
    kiswahili
    هَوُسَ
    IsiZulu
    Action
    Report Collection
    Share
    Related

    Report

    Select your report category*



    Reason*



    By pressing send, your feedback will be used to improve IKCEST. Your privacy will be protected.

    Submit
    Cancel
    ICP备案号:京ICP备14021735号-1    © 2008 - 2023 IKCEST All rights reserved | Sitemap | Contact | About IKCEST

    New sign-in location:     

    Last sign-in location:     

    Last sign-in date: