"Russian ransomware blocks net access"

http://www.theregister.co.uk/2009/12/01/ransomware_turns_off_net_access/

Miscreants have developed a ransomware package that blocks internet access in a bid to force infected users into paying up by sending a text message to a premium rate SMS number, lining the pocket of cybercrooks in the process.

The malware comes bundled in a package called uFast Download Manager…

detailed description and explanations here:
http://community.ca.com/blogs/securityadvisor/archive/2009/11/30/ransomware-blocks-internet-access.aspx

http://community.ca.com/blogs/securityadvisor/Zarestel/RansomSMS.AH/desktop.gif

translation:

Internet access is blocked due to violation of the license agreement schedules of uFast Download Manager You must activate your copy

Get a registration code by sending an SMS with the following
code fw0004199 to number 7122

In response you will receive an activation message.

Enter the activation message received from the SMS response

now the good news:

The anti-virus vendor (CA) has developed an activation code generator that allows victims to get online again - providing they can download the utility through an uninfected machine first, of course... ;D

so, this is the link to the code generator provided by CA to get rid of that crap:
hxxp://community.ca.com/blogs/securityadvisor/Zarestel/RansomSMS.AH/RansomSMS.AH_ActivationCode.zip
(I don’t leave this link active here, to avoid indexation by search engines, at least from here, not sure if that’s better…)

Geesh… its amazing how complex and tricky things like this are getting now. Won’t be long before we have GPS, DVD player, video game console viruses…though I wouldn’t be surprised if we already do.

Good post. Thanks.

innovative ideas