ST

Panda Labs has published some research on Rogueware holding it's victims for a "ransom". Accroding to them: The criminals behind Rogueware attacks are becoming increasingly aggressive in their approach to make money. We recently stumbled across a sample (Adware/TotalSecurity2009) which uses a ransomware technique to improve its sales. Once the computer becomes infected, Total Security forces the victim to purchase it before it will allow any files from being accessed on the system.  When attempting to open a file, a message pops up in the notification area claiming that the application was blocked due to infection.  The pop up recommends activating the "antivirus" software, which costs $79.95. This would be a devastating blow to any user and would likely force the victim to purchase it, so we went ahead and cracked the sample to reveal all of the valid serial numbers. We're hoping that  victims can find this blog post before shelling out any hard earned cash to these criminals.

Here is a video demo of the whole process: