Often the malicious will do this by encrypting the files in your My Documents folder, and requesting that money is wired to them via a service like Western Union.
Today, however, researchers in SophosLabs saw something a little different. A piece of ransomware originating in Russia blocks access to Windows and demands payment by sending an SMS message to a premium rate mobile number:
If your Russian is a little rusty, then here's a quick translation:
WINDOWS BLOCKED
To unblock send an SMS
To number 3649
With Text :k2590620008
Enter the received code:
*Any action mimicking activation will result in data loss and computer violation
So it's another sneaky way for the hackers to make money at your expense. But the question I have is this: Surely the telephone company knows who has registered that premium rate phone number? Isn't that an obvious line of enquiry for the authorities to follow?
Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his other blog on the Sophos Website, then you can find him on Twitter at @gcluley. Special to Dark Reading.