A very rare piece of ransomware that stops machines from loading up has been spotted by security giant Trend Micro.
Typically, ransomware encrypts files or restricts user access to the infected system, but the TROJ_RANSOM.AQB variant infects the Master Boot Record (MBR) of computers. The ransomware copies the original MBR and overwrites it with its own malicious code.
A user running an infected machine would be barred from entering their operating system. Instead, when their system is booting up, they will be asked to pay money in order to get a password to unlock the computer. They are asked to pay 920 Ukranian hryvnia (£72.32).
As for how rare this kind of malicious kit is, this piece of ransomware is one of a handful that have ever been seen.
“As of now, this is the only sample I have encountered. The ransomware that we usually get just disables some Windows Utilities or encrypt files but not as deep as this one. We currently have not seen any other variant using different language,” Rik Ferguson, Trend Micro’s director of director of security research and communication, told TechWeekEurope.
What’s more, Trend analysis has indicated the ransomware may be doing other nasty things.
“This malware may have other component malware. Also, it is possible that a component malware may execute this infector and may cause reinfection,” Ferguson said.
This is not the first piece of MBR-infecting ransomware ever seen. Back in November 2010, Kaspersky spotted ransomware doing the same, demanding a ransom to retrieve a password and restore the original MBR.
The infamous Cutwail botnet has been one of the biggest pushers of ransomware.
How well do you know security? Test yourself with our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…