News

Ransomware variant works on Windows 8, Symantec says

Moriah Sargent, Contributor

Security researchers at Symantec Corp. are conducting an analysis of some of the latest variants of ransomware to see if the malware can hijack users of Microsoft's latest operating

    Requires Free Membership to View

system.

Trojan.Ransomlock.U can lock a Windows 8 system and hold it ransom, according to analysis conducted by Symantec.

In a default Windows 8 environment, researches at the Cupertino, Calif.-based security vendor tested several widespread, in the wild ransomware samples. Some of the ransomware samples tested by the team ran poorly in Windows 8, but it did not take long to find one that worked effectively, experts said.

Although Windows 8 fell victim to Ransomlock.U, the Trojan was not foolproof in its attack.

"The Trojan.Ransomlock.U variant uses the geolocation of the compromised system to serve localized ransomware screens in the appropriate language. While the ransomware running on Windows 8 correctly identified our location, the cybercriminals in this case must not have realized that English is the main language spoken in Ireland. … Their ingenuity in this case has lowered the chance of the ransom attempt being successful," according to a Symantec blog post about the test.

Ransomlock.U is a very low-risk Trojan that locks the infected desktop and asks the user to pay to have the computer unlocked. There have been very few cases of this Trojan in the wild, and it is easy to contain and remove. Symantec has ranked the potential damage at medium.

A user may encounter Ransomlock.U when visiting malicious sites by opening untrusted links or advertisement banners, or by installing software from untrusted sources.

This is likely the first Trojan that will infiltrate Windows 8 security.

"As more users adopt Windows 8, Symantec expects to see more malware targeting this new environment. Symantec will continue to actively monitor the threat landscape to ensure protection against any new threats," the blog post read.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: