Security researchers at Symantec Corp. are conducting an analysis of some of the latest variants of ransomware to see if the malware can hijack users of Microsoft's latest operating
Trojan.Ransomlock.U can lock a Windows 8 system and hold it ransom, according to analysis conducted by Symantec.
In a default Windows 8 environment, researches at the Cupertino, Calif.-based security vendor tested several widespread, in the wild ransomware samples. Some of the ransomware samples tested by the team ran poorly in Windows 8, but it did not take long to find one that worked effectively, experts said.
Although Windows 8 fell victim to Ransomlock.U, the Trojan was not foolproof in its attack.
"The Trojan.Ransomlock.U variant uses the geolocation of the compromised system to serve localized ransomware screens in the appropriate language. While the ransomware running on Windows 8 correctly identified our location, the cybercriminals in this case must not have realized that English is the main language spoken in Ireland. … Their ingenuity in this case has lowered the chance of the ransom attempt being successful," according to a Symantec blog post about the test.
Ransomlock.U is a very low-risk Trojan that locks the infected desktop and asks the user to pay to have the computer unlocked. There have been very few cases of this Trojan in the wild, and it is easy to contain and remove. Symantec has ranked the potential damage at medium.
A user may encounter Ransomlock.U when visiting malicious sites by opening untrusted links or advertisement banners, or by installing software from untrusted sources.
This is likely the first Trojan that will infiltrate Windows 8 security.
"As more users adopt Windows 8, Symantec expects to see more malware targeting this new environment. Symantec will continue to actively monitor the threat landscape to ensure protection against any new threats," the blog post read.