|
German hacker programs Skowrd Trojan
|
 | An eighteen year old boy calls him sk0r or Czybik has developed this dangerous code which spreads uncontrollably all around Internet. It causes serious modifications in the system and disables the protections to protect the PC. |
The Skowrd resides en the memory and can be downloaded from P2P networks, e-mails, instant messages, etc. When modifying the Windows HOSTS file, this Trojan leave the system exposed to any kind of existing and potential threats which abounds in the Web. It is necessary to prevent the PC to be infected with this Trojan since facing up to it may take a great effort.
| It modifies the HOSTS file to restrict the access to Web sites dedicated to the security of the information: |
127.0.0.1 www.antivir.de
127.0.0.1 www.bitdefender.de
127.0.0.1 www.znet.de
127.0.0.1 www.chip.de
127.0.0.1 www.virustotal.com
127.0.0.1 virusscan.jotti.org
127.0.0.1 www.kaspersky.com
127.0.0.1 www.sophos.de
127.0.0.1 www.trojaner-info.de
127.0.0.1 www.trojaner-help.de
127.0.0.1 www.arcabit.com
127.0.0.1 www.avast.com
127.0.0.1 www.grisoft.com
127.0.0.1 www.bitdefender.com
127.0.0.1 www.clamav.net
127.0.0.1 www.drweb.com
127.0.0.1 www.f-prot.com
127.0.0.1 www.google.de
127.0.0.1 www.fortinet.com
127.0.0.1 www.nod32.com
127.0.0.1 www.norman.com
127.0.0.1 www.microsoft.com
127.0.0.1 www.anti-virus.by/en
127.0.0.1 www.symantec.com
127.0.0.1 www.windowsupdate.com
127.0.0.1 www.trendmicro.com
127.0.0.1 www.mcafee.com
127.0.0.1 www.viruslist.com
127.0.0.1 www.avp.com
127.0.0.1 www.zonelabs.com
127.0.0.1 www.heise.de
127.0.0.1 www.antivirus-online.de
127.0.0.1 www.free-av.com
127.0.0.1 www.panda-software.com
127.0.0.1 www.pc-welt.de
127.0.0.1 www.pc-special.net
127.0.0.1 download.freenet.de
127.0.0.1 www.vollversion.de
127.0.0.1 www.das-download-archiv.de
127.0.0.1 www.freeware.de
127.0.0.1 www.antiviruslab.com
127.0.0.1 www.search.yahoo.com
127.0.0.1 www.web.de
127.0.0.1 www.hotmail.com
127.0.0.1 www.hotmail.de
127.0.0.1 www.gmx.net
127.0.0.1 www.spiegel.de
127.0.0.1 www.icq.com
127.0.0.1 www.icq.de
127.0.0.1 www.flirtlife.de
127.0.0.1 www.ffh.de
127.0.0.1 www.lavasoft.de
127.0.0.1 www.de.wikipedia.org
127.0.0.1 www.wikipedia.org
127.0.0.1 www.en.wikipedia.org
127.0.0.1 www.wissen.de
127.0.0.1 www.virus-aktuell.de
127.0.0.1 www.arcor.de
127.0.0.1 www.t-online.de
127.0.0.1 www.t-com.de
127.0.0.1 www.alice-dsl.de
127.0.0.1 www.freenet.de
127.0.0.1 www.1und1.de
127.0.0.1 www.fbi.gov
127.0.0.1 www.polizei.de
A note pad is create in the %System% file It appears under the name WARNING_README_NOW.TXT and contains the following message:
WARNING: FILE ENCRYPTION HAS BEEN FINISHED!
############################################
Dear User,
----------
Some Ascii Files have been encrypted with the sk0r alias Czybik's Ascii File Encryption Engine v1.0.
You are not longer able to use those files. But now nothing is lost. You are able to use your files again if
you decrypt them. To do this you need to buy a decoder and the
password.
==========
So how can you buy this? The following steps will show you what to do:
Decryption Notes:
=================
1) Simply write an email to: sk0r1337@???.de with subject: Need Decoder and Password
2) Wait for an email from me.
3) Read the email and follow the stepps (you must give a payment to me to get the decoder and the
password
4) Open the decoder.exe
5) Input File and Password and click decrypt --> Do this for all encrypted files
Pricelist:
Decoder: Game Accounts in worth of about maximum 80
Password: Game or Internet Accounts (Websites) in worth of maximum 20
You see you can be lucky that the Decoder and the Password are so cheap.
Be lucky you are not a victim of other Ransomware, they are very expensive (400$)
So please follow the stepps. Otherwise you will not be able to use your files again.
Don 't send to avers. They will not be able to get or crack the password. So pay or say 'bye' to all your
encrypted files.
Regards: sk0r / Czybik - Malwarewriter
2006 by sk0r / Czybik
Win32.Skowor Ransomware 2006 by sk0r / Czybik sk0r alias Czybik's
Ascii File Encryption Engine v1.0 2006 by sk0r / Czybik.
Read more...
|
News 
