MS04-023: PGPCoder Trojan - Encrypts & demands $200 for the key - Security Protection

Common Tasks

Community

Email Notifications

Personal Links

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

MS04-023: PGPCoder Trojan - Encrypts & demands $200 for the key

This is a new malicious attack that's not widespread and provides all the more reason to stay up-to-date with Microsoft Security updates.

MS04-023: PGPCoder Trojan - Encrypts & demands $200 for the key
http://news.zdnet.com/2100-1009_22-5718678.html
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=194
http://secunia.com/virus_information/18207/pgpcoder/

Researchers at Symantec have seen the malicious program used in the ransom attack. The "Trojan.Pgpcoder" searches a victim's hard disk drive for 15 common file types, including images and Microsoft Office file types. It then encrypts the files, removes the originals and drops a note asking $200 for the encryption key, Friedrichs said.

This memory-resident Trojan arrives via Internet or copied from disks. Upon execution, it encrypts all files on the system having the following extensions:

ASC
DB
DB1
DB2
DBF
DOC
HTM
HTML
JPG
PGP
RAR
RTF
TXT
XLS
ZIP

Posted: May 24 2005, 05:48 PM by Harry Waldron | with no comments

Questions? Contact Susan at Susan-at-msmvps.com. Each post's copyright held by the original author. All rights reserved. Blog site is an independent site not sponsored by Microsoft.
Our servers would like to thank www.ownwebnow.com and www.exchangedefender.com. We wouldn't be here without the generosity of Vlad Mazek and his companies.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.