Accounts held hostage by data-stealing extortionists.
Following the wave of ‘ransomware’ attacks first spotted in the summer of 2005, online extortionists have picked another target – webmail accounts. According to an alert from
Websense
, reports are coming in of web-based email accounts broken into by crooks and held to ransom.
The webmail (in most cases so far
Hotmail
) accounts are hijacked, presumably accessed using keyloggers or other data-gathering software slipped onto victims’ systems, and all emails and contact details removed. A message is left for the user in ‘poorly-written Spanish’ demanding money for the return of the data.
No information as to the amounts demanded or the password-stealing method has yet emerged. The new attack style is expected to reach the English-speaking world soon. More details including screenshots can be found in the
Websense
alert
.
Posted on 14 December 2006 by
Virus Bulletin
Leave a Reply