Hello, your files are encrypted with RSA-4096 algorithm http://en.wikipedia.org/wiki/RSA You will need at least few years to decrypt these files without our software. All your private information for last 3 months were collected and sent to us. To decrypt your files you need to buy our software. The price is $300. If you will not contact us until 07/15/2007 your private information will be shared and you will lost all your data. Glamorous...
Isn't that lovely? I'm particularly amused by the "Hello" salutation up front, and the Wikipedia reference to the algorithm used for the crypto.
(By the way, it's likely untrue that the files themselves were encrypted with the RSA public key crypto algorithm. Symmetric algorithms usually encrypt hundreds of times faster than public key algorithms, and encrypting with RSA would be an inefficient choice. Perhaps the bad guys just cite RSA because it sounds scarier, or because they used it to encrypt the symmetric key. The files themselves, however, are likely encrypted using a symmetric key algorithm, like AES, DES or IDEA.)
While these ransomware attacks do occur, they are not terribly common today. The payoff is often so small that attackers turn their attention to more reliable methods of getting money from infected machines: spyware, keystroke loggers, search results customization, spam relays and so forth.
Most antivirus vendors have signatures that can block the common ransomware manifestations of the past. While there isn't a huge threat here, it is always a good idea to keep a backup of your vital files. Try to get into the habit of backing up once per week or so. You'll be happy that you did. But the reason for doing so is likely not going to be the threat of ransomware; you are far more likely to suffer a hard drive failure, something that occurs quite regularly and can wipe out your data.