"Ransom-ware" is relatively new term that Panda Antivirus researchers have dubbed for a new form of malicious code that infects PCs, and then demands money in return for cleaning up the machine. "This is just another plain example of how hackers are increasingly driven by greed", said Luis Corrons, the director of Panda"s research lab in a press release. Now SpywareNo, joins the increasing list of this new form of spyware.
Downloaded almost automatically when users visit certain porn or pirate Web sites, SpywareNo exploits various vulnerabilities found in Microsoft"s Internet Explorer to get onto a PC. Once it installs itself, it creates an icon on the desktop and displays a bogus warning that the user"s PC is infected with spyware. It can also modify the windows system registry to make sure that it starts again even after a user thinks that he/she has deleted it.
The on-screen alert encourages users to purchase the full version, which costs $20 US. for a month"s subscription, or $60 US. for an annual plan. Only those who pay that fee see the supposed "threats" disappear.
"If users fail to register, this commercial software will "detect" threats that don"t actually exist on the computer, and which will "disappear" as soon as users pay for the product," said Panda in its own warning.
"Within 48 hours of the first report we had of SpywareNo, we had reports from all over the place," said Eric Howes, a contributor to the popular Spyware Warrior site.
The fact that reports of SpywareNo had come from numerous sources, at about the same time indicate that it had been seen on multiple Web sites.