Posted by Virus Bulletin on Dec 14, 2006
Accounts held hostage by data-stealing extortionists.
Following the wave of 'ransomware' attacks first spotted in the summer of 2005, online extortionists have picked another target - webmail accounts. According to an alert from Websense, reports are coming in of web-based email accounts broken into by crooks and held to ransom.
The webmail (in most cases so far Hotmail) accounts are hijacked, presumably accessed using keyloggers or other data-gathering software slipped onto victims' systems, and all emails and contact details removed. A message is left for the user in 'poorly-written Spanish' demanding money for the return of the data.
No information as to the amounts demanded or the password-stealing method has yet emerged. The new attack style is expected to reach the English-speaking world soon. More details including screenshots can be found in the Websense alert.
Posted on 14 December 2006 by Virus Bulletin
