If you make a hit list of the biggest scares of the 1980’s, the spread of HIV/AIDS would probably make it to the top. Doctors and scientists from all over the world were frantically trying to thwart the deadly disease. But in 1989 HIV researchers themselves became the victims of an epidemic as their computers were infected with the AIDS computer virus – a piece of Trojan horse malware, disguised as a scientific research archive.
Everyone who launched the infected files saw the following message:
“If you install [this] on a microcomputer… then under terms of this license you agree to pay PC Cyborg Corporation in full for the cost of leasing these programs…You are hereby advised of the most serious consequences of your failure to abide by the terms of this license agreement; your conscience may haunt you for the rest of your life…and your [PC] will stop functioning normally…”
After 90 reboots, the virus encrypted and locked the PC, demanding that the user wire $189 to a PO Box in Panama.
By that time, computer viruses were known to both the users and PC security experts. But nobody had ever tried to make money by spreading malicious software. So AIDS has become the first example of ransomware – programs that either block or encrypt user files and blackmail the user.
The story got even more interesting when investigators found the author of the AIDS Trojan. According to accounts in the British press, Doctor Joseph Popp, an anthropologist who had worked within the HIV research community, had mailed about 20,000 floppy disks containing the malware to his colleagues. Media suggested that Popp might have suffered a mental breakdown shortly before that, after being turned down for a World Health Organization job. Some research centers claimed to have lost a decade worth of HIV research material as result of the attack. Popp was arrested by New Scotland Yard and transferred to Brixton prison. However, he was pronounced unfit to stand trial… for wearing a cardboard box on his head, putting curlers in his beard to ward off the threat of radiation, and simply acting weird.
Even though modern-day hackers would definitely get harsher punishment for spreading ransomware, there is no need for them to put themselves in danger by sending out floppy disks, using land lines and PO boxes in Panama. With the help of anonymous crypto currency – the bitcoin, those who create modern-day Trojan horse programs are pretty much safe from prosecution.
The most troubling trend in ransomware distribution is the use of mobile devices. According to one Wired magazine article, the authors of Malware frequently target visitors of porn sites. Here’s how Wired journalists describe the typical modern ransomware attack:
“An erotic enthusiast finds that access to porn isn’t as mobile as he likes. So he ponders that 21st century question: “Is there an app for that?” A dubious message from the FBI appears: suspicious files have been found on his phone. He has accessed forbidden porn sites. A penalty of $500 is demanded. He’s told that if he makes any attempts to unlock the device on his own – it’s against the law.”
Over the course of just a few months in 2013, the computer security software vendor McAfee collected over 250,000 unique samples of ransomware — more than double the number it had obtained just a year earlier.
Some users get rid of unwelcome programs by simply using anti-virus software, while others prefer to pay the ransom, fearing that the Trojan authors knew too much about their online activities.
With just one Trojan called Cryptowall bringing more than $18 million to its authors, the dark industry of ransomware is expected to grow in the coming years.
So if you’re surfing the internet often and don’t want to fall victim to cyber extortion – use common sense, avoid strange websites, keep your personal and financial information safe, and install antivirus software.
