NEWS FROM THE LAB - Monday, May 15, 2006

"We do not want to do you any harm" says the trojan Posted by Alexey @ 13:10 GMT

Lately we've come accross a pretty interesting "ransomware" - a trojan that takes user's files hostage and asks for a ransom to "free" them. The MayArchive.B trojan copies the contents of user's files into its own archive, deletes the original files and then asks a victim to send a message to a specified e-mail address in order to receive the password for "encrypted" files.

The interesting thing in all that is that in order to get the password a victim will be asked to buy some product from an online store. The trojan claims "We do not want to do you any harm, we do not ask you for money, we only want to do business with you". No comments...

As a matter of fact user's files don't even get encrypted when they are stored in the archive. Besides the trojan is quite buggy and some of user's files may become corrupted.