Symantec warns browser Trojan is holding web users to ransom

27 Jul 2009

Symantec Security Response has recently detected a new evolution of ransom threats with the discovery of Trojan.Ransompage – a nuisance tactic that is deployed by rogue anti-virus programs in an attempt to extract a ransom from its victims.

Once infected with the Trojan, the victim’s browser will display a persistent advertisement on every web page that the victim visits and remain on the page as the victim scrolls down.

This ad is written in Russian and states that in order to remove the ad, the victim must send a premium rate text message to the number provided and the user will receive a code to remove the ad.

The premise is that the victim will become so frustrated or embarrassed by the ad that they will succumb to the pressure and send an SMS to the premium rate telephone number, from which the cybercriminals make money.

Symantec has warned users that switching web browsers is unfortunately not an option for this piece of malware as cleverly the author is targeting Internet Explorer, Firefox and Opera.

The best line of defense is to maintain an up-to-date browser and operating system, make sure your web browser and other applications are fully patched and make sure your antivirus and firewall software are running and up-to-date with the latest definitions sets

By John Kennedy

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years