AGRA: A new version of a notorious virus that takes over a system until money is paid as ransom has been detected by cyber experts. Version 2.0 of the TeslaCrypt ransomware encryptor family, say experts, is notorious for infecting computers of gamers.
The malicious program is now targeting online consumers and businesses via email attachments which block access to a computer system until a sum of money, specifically in dollars, is paid as ransom. If the victim delays, the ransom is doubled.
Detected in February 2015, TeslaCrypt began infecting systems in the US, Europe and Southeast Asian countries. It then occurred in Indian cities including Delhi and Mumbai. Two businessmen from Agra were targeted this year, from whom the extortionist demanded more than $ 10,000.
Speaking to TOI, Agra cyber cell in-charge Nitin Kasan said, “In the last six months, two cases were reported in Agra, where the malware locked down its victim’s most important files and kept them hostage in exchange for a ransom to unlock it.”
Sandeep Gupta, a victim of online extortion, who owns a handicraft export company in Agra, said, “In February, my company website and emails which contained important transaction details and client information were blocked by some unknown Nigerian hacker.”
In an email, the hackers demanded a ransom of $ 10,000 and threaten to destroy all of Gupta’s data. “I sought help from the Agra police cyber cell, who helped me to regain control over my website,” he said.
After gaining control over the victim’s computer, TeslaCrypt, also known as hunters of computer gamers, displays an HTML page on the web browser which is an exact copy of CryptoWall 3.0, another notorious ransomware program.
Altaf Halde, managing director (South Asia) of Kaspersky Lab who first detected the ransomware said, “Ransomware is a type of malware that is a digital mechanism for extortion. The average consumer and both large and small businesses can be victims of ransomware. Such an attack is typically delivered delivered via an email that includes an attachment that could be an executable file, an archive or an image. Once the attachment is opened, the malware is deployed on the user’s system.”
CryptoLocker, CryptoWall, CoinVault and CTB-Locker are all examples of ransomware.