New malware charges $80 to find your hidden files and folders

Talk about playing hide and seek. A new malware is now preying on the fears of computer users by turning their files and folders invisible, then offering an $80 tool to "fix" the hard-disk problem.

 

Computer security firm BitDefender said the nasty new "scareware" Trojan.HiddenFilesFraud.A aims to panic people into buying the "repair tool."

 

"In a crafty attempt to induce more confusion and frustration in the victim’s mind, the malware immediately hides all folders and files it finds on the user's machine. The approach of hiding some folders or files is not new in the cybercrime world, but hiding all folders and then offering a mending tool is an example of astute of social engineering," BitDefender said in a post on its Malware City blog.

 

BitDefender said those behind the new malware appear to be targeting people with precious data on their hard drives such as Masters or Doctorate papers, wedding pictures, monthly reports or client databases.

 

It said a Trojan, Win32.Brontok.AP@mm, downloads the malware on the compromised system.

 

The Win32.Brontok.AP@mm worm uses removable drives to spread, and copies itself in every folder on the infected stick under the name of that folder.

 

"It adds an .exe extension that remains hidden from users. This is an indicator that it needs the user to recognize, trust, click and thus install it on the PC," BitDefender said.

 

Once downloaded by the worm, the malware then pretends to be a disk repair utility and alerts the victim that his or her computer has many problems, putting personal data at risk.

 

The malware may even show a folder that appears empty, accompanied by a popup that announces a HDD error.

 

"No need for advanced rootkits that might fail on newer operating systems: the malware sets the files and folders as hidden by modifying file attributes. As a bonus, some key shortcuts are also disabled, building on the user’s sensation that he is no longer in control of his system. The PC, by the way, is working just fine all this time," it said.

 

Yet, it said the user has no way of knowing this - and worse, a user who cannot find his or her files and folders on the system will likely assume the worst.

 

BitDefender said Trojan.HiddenFilesFraud.A will even display multiple error windows informing the user that it could not write something in system32 due to a critical hard-disk error.

 

"Confusing is that these messages appear to have come from the OS itself. Just about now, the user is supposed to be scared enough and convinced to reach for his pocket and pay $80 for the repair utility that will do absolutely nothing once purchased. The scam is done, the money is gone," it said. — TJD, GMA News