A very rare piece of ransomware that stops machines from loading up has been spotted by security giant Trend Micro.
Typically, ransomware encrypts files or restricts user access to the infected system, but the TROJ_RANSOM.AQB variant infects the Master Boot Record (MBR) of computers. The ransomware copies the original MBR and overwrites it with its own malicious code.
A user running an infected machine would be barred from entering their operating system. Instead, when their system is booting up, they will be asked to pay money in order to get a password to unlock the computer. They are asked to pay 920 Ukranian hryvnia (£72.32).
As for how rare this kind of malicious kit is, this piece of ransomware is one of a handful that have ever been seen.
“As of now, this is the only sample I have encountered. The ransomware that we usually get just disables some Windows Utilities or encrypt files but not as deep as this one. We currently have not seen any other variant using different language,” Rik Ferguson, Trend Micro’s director of director of security research and communication, told TechWeekEurope.
What’s more, Trend analysis has indicated the ransomware may be doing other nasty things.
“This malware may have other component malware. Also, it is possible that a component malware may execute this infector and may cause reinfection,” Ferguson said.
This is not the first piece of MBR-infecting ransomware ever seen. Back in November 2010, Kaspersky spotted ransomware doing the same, demanding a ransom to retrieve a password and restore the original MBR.
The infamous Cutwail botnet has been one of the biggest pushers of ransomware.
How well do you know security? Test yourself with our quiz!
Tesla shareholders to be asked to reinstate Elon Musk's $56 billion pay package, days after…
Catching WhatsApp? Billionaire founder of Telegram claims encrypted platform will reach one billion users within…
Good news for Mark Zuckerberg as judge dismisses some claims in dozens of lawsuits alleging…
Consequences of Assembly Bill 886. Google begins removing California news websites from some search results
CEO Tim Cook during visit to Jakarta says Apple will look into building a manufacturing…
Introduction of digital services tax on tech firms will begin in 2024 Canadian government confirms,…