Bitdefender experts came across a piece of scareware that makes victims believe that something may have happened to all the files and folders stored on their computers. The user is then requested to pay $80 (60 EUR) for a tool that allegedly addresses the problem.
Scareware and ransomware are not uncommon; many security solutions providers have released advisories on how to handle threats that pose as law enforcement agencies and demand the payment of fines, accusing the user of copyright infringement.
However, this Trojan relies on the fact that many computer owners panic if they see that all their personal files and folders have suddenly disappeared.
Identified as Trojan.HiddenFilesFraud.A, the rogue disk repair utility starts operating by informing the user of certain issues that affect the computer. Since many people are already accustomed to fake AVs, this malicious application has an ace up its sleeve that makes everything look more realistic.
It changes the attributes of all files and folders, setting them as Hidden, so that the user may think that everything has been deleted from the hard drive. Certain key shortcuts are also disabled to induce more panic.
Even worse, the worm that downloads HiddenFilesFraud.A, Win32.Brontok.AP@mm, ensures that the files’ attributes can’t be modified from Windows Explorer back to their original state.
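An added PowerShell example, not part of the original article or of Bitdefender's tooling: it reports how many items under a folder carry the Hidden attribute and clears that flag from them. The function names are hypothetical, and it assumes the malware has already been removed and that items also flagged System (such as desktop.ini) should be left alone.

```powershell
# Added example: audit and undo mass "Hidden" flagging under one folder.
# Assumption: run from a PowerShell prompt after the malware has been removed.

function Get-HiddenFileReport {
    param(
        [Parameter(Mandatory)][string]$Path   # folder to audit, e.g. a user's Documents
    )
    # -Force makes Get-ChildItem return hidden and system items as well.
    $items = @(Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue)

    # Hidden but not System: skips OS-managed files such as desktop.ini (assumption).
    $hidden = @($items | Where-Object {
        ($_.Attributes -band [IO.FileAttributes]::Hidden) -and
        -not ($_.Attributes -band [IO.FileAttributes]::System)
    })

    [pscustomobject]@{
        Path        = $Path
        Total       = $items.Count
        Hidden      = $hidden.Count
        # A ratio close to 1 in a personal data folder suggests mass flagging.
        HiddenRatio = if ($items.Count) { [math]::Round($hidden.Count / $items.Count, 2) } else { 0 }
        Items       = $hidden
    }
}

function Restore-HiddenFiles {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Path
    )
    $report = Get-HiddenFileReport -Path $Path
    $mask   = -bnot [int][IO.FileAttributes]::Hidden
    foreach ($item in $report.Items) {
        if ($PSCmdlet.ShouldProcess($item.FullName, 'Clear Hidden attribute')) {
            # Clear only the Hidden bit; ReadOnly, Archive and the rest are kept.
            $item.Attributes = [IO.FileAttributes]([int]$item.Attributes -band $mask)
        }
    }
    $report | Select-Object Path, Total, Hidden, HiddenRatio
}

# Dry run first: lists what would change without touching any file.
# Restore-HiddenFiles -Path "$env:USERPROFILE\Documents" -WhatIf
```

Run it with `-WhatIf` first to review the list, since some applications hide their own files on purpose.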
After displaying the numerous “errors” that affect the system, the scareware advertises a repair utility that costs $80 (60 EUR). Of course, just as in the situations presented on other occasions, the so-called utility does absolutely nothing.
Brontok.AP@mm, the element responsible for installing Trojan.HiddenFilesFraud.A, quickly copies itself onto removable media drives to ensure that it spreads without difficulty from one computer to another.
Scareware most often relies on the fact that users fail to keep their security software constantly up to date. That’s why users are always advised to ensure that a decent, updated antivirus solution is keeping an eye out for malicious elements.