Reports from Ars Technica and The Register point to the spread of variants of Trojan viruses classified as ransomware. The viruses encrypt user data and threaten to publish them over the Web if the quoted amount is not paid.
Trojans encrypt users’ files so that they can no longer be accessed. The Trojan then plants a readme.txt where users will find it, and inside, demands $300 in order to decrypt the files. The ransom note tells the user in broken English that the files have been encrypted using RSA-4096 and that unless cold, hard cash is forked over within a period of time, the content of the files will be shared with the world and then deleted.
Apart from the fact that virus writers seem to be using varied ways to monetize from security threats, users need to note that the virus apparently spreads over open ports and not as file attachments. If you’re infected by this sort of virus, don’t panic and definitely DON’T pay up! Agencies are working on finding a way to decrypt the files, and the decryption solution will be available soon.