'Police Virus' Was Second Quarter's Top Malware Threat
Trojan takes control of users' computers and demands payment to release them
Thursday, August 9, 2012
An increasing number of PC users have had to deal with the frustrating “Police Virus” this year. Security software company PandaLabs says the Trojan was leading malware issue it dealt with in the second quarter of the year.
The Police Virus is a type of virus known as ransomware. Its objective is to intimidate and blackmail users whose PCs are infected and persuade or force them to pay for having the malware removed or neutralized.
A PC gets infected when the user visits a particular Website. The Trojan then downloads to the victim's computer, inserting a registry entry to make sure that it will be run every time the PC boots up. It then displays a picture and a message that fills the screen and essentially locks up the computer. the only way to unlock it is to pay. Hence the name “ransomware.”
Bogus Microsoft message
At first the messages claimed to be from Microsoft, saying it had detected an illegal version of Windows on the victim's computer. The malware seized various documents on the user's computer and would not release them until payment was made.
Later versions claimed to be messages from law enforcement agencies, customized for individual countries. In the U.S., for example, it would claim to be from the FBI. The message would declare that illegal files, such as child pornography, had been detected on the user's computer and demanded payment.
The PandaLabs report notes that the Police Virus has lately begun to evolve, suggesting the hackers plan to keep it going for a while. According to various technology and security sites, newer variants of the virus have been modified to use highly sophisticated encryption techniques and overwrite key memory functions.
Six million new malware samples
In the second quarter of 2012 PandaLabs counted more than six million new malware samples. The company said that's about the same as the first quarter of the year. But there was some good news.
Despite the proliferation and increased sophistication of malware, the percentage of infected PCs worldwide fell in the second quarter -- from 35 percent to 31.63 percent. Asian countries had the most infected PCs, with South Korea the overall leader, followed by China and Taiwan.
There is no fool-proof way to avoid this virus because the hackers use a wide variety of sites to download their malware. A consumer's best hope is to have a good anti-virus program and keep it up to date.