New "Microsoft" Trojan Hijacks Computers, Reports PandaLabs

Malwar can be distributed in many ways, including through spam and P2P downloads

September 7, 2011

2 Min Read


Bracknell, September 7th, 2011:

PandaLabs, the antimalware laboratory of Panda Security, The Cloud Security Company, has detected a new ransomware Trojan that pretends to come from Microsoft. The Trojan, dubbed Ransom.AN, alerts the user that their copy of Windows is illegal and threatens to cripple their computer if they don’t enter a specific code, which the user will be provided after paying 100 euros (approximately £88 at todays exchange rates).

The malware, specifically targeting German-speaking users, can be distributed in many ways including through spam and P2P downloads. After alerting the user that their copy of Windows is not legitimate, it invites victims to pay for the code with their credit card via a malicious website. To further encourage users to submit their financial information, Ransom.AN informs users that prosecution will take action if they don’t make payment in 48 hours, after which the user will also lose all the information on their computer.

"These types of Trojans are very dangerous because once they infect the computer it is extremely difficult to remove manually, forcing users to pay the ransom or reformat their devices," says Luis Corrons, technical director of PandaLabs. Continues Corrons, "In addition, because Ransom.AN appears to come from Microsoft and threatens actions from authorities, many users believe what the Trojan says and make the payment out of fear."

To stay protected against Ransom.AN and other threats, PandaLabs recommends all computer users have updated protection installed on their computers, such as the free Panda Cloud Antivirus, which can be downloaded from

More information about Ransom.AN is available on the PandaLabs blog (, including an activation code in case you are unlucky enough to be infected with Ransom_AN and your current security solution is unable to remove it.

About Pandalabs

Since 1990, PandaLabs, Panda Security’s malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats. To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda’s user community to automatically detect, analyze and classify the more than 73,000 new malware strains that appear every day. This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage. Get more information about PandaLabs and subscribe to its blog news feed at

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights