Beware, ransomware virus on prowl

Kidnappers used to make ransom notes with letters cut out of magazines. Now, notes simply pop up on your computer screen, except the hostage is your PC.

In the past year, hundreds of thousands of people across the world have switched on their computers to find distressing messages alerting them that they no longer have access to theirPCs or any of the files on them.

The messages claim to be from the Federal Bureau of Investigation, 20 other law enforcement agencies across the globe or, most recently, Anonymous, a shadowy group of hackers. The computer users are told that the only way to get their machines back is to pay a steep fine.

And, curiously, it is working. The scheme is making more than $5 million a year, according to computer security experts who are tracking them.

The scourge dates to 2009 in Eastern Europe. Three years later, withbusiness booming, the perpetrators have moved west. Security experts say that there are now more than 16 gangs of sophisticated criminals extorting millions from victims across Europe.

The threat, known as ransomware, recently hit the United States. Some gangs have abandoned previously lucrative schemes, like fake anti-virus scams and banking trojans, to focus on ransomware full time.

Essentially online extortion, ransomware involves infecting a user's computer with a virus that locks it. The attackers demand money before the computer will be unlocked, but once the money is paid, they rarely unlock it.

In the vast majority of cases, victims do not regain access to their computer unless they hire a computer technician to remove the virus manually. And even then, they risk losing all files and data because the best way to remove the virus is to wipe the computer clean.

It may be hard to fathom why anyone would agree to fork over hundreds of dollars to a demanding stranger, but security researchers estimate that 2.9 percent of compromised computer owners take the bait and pay. That, they say, is an extremely conservative estimate. In some countries, the payout rate has been as high as 20 percent.

That people do fall for it is a testament to criminals' increasingly targeted and inventive methods. Early variations of ransomware locked computers, displayed images of pornography and, in Russian, demanded a fee - often more than $400 - to have it removed. Current variants are more targeted and toy with victims' consciences.

Researchers say criminals now use victims' Internet addresses to customize ransom notes in their native tongue. Instead of pornographic images, criminals flash messages from local law enforcement agencies accusing them of visiting illegal pornography, gambling or piracy sites and demand they pay a fine to unlock their computer.

Victims in the U.S. see messages in English purporting to be from the FBI or Justice Department. In the Netherlands, people get a similar message, in Dutch, from the local police. (Some Irish variations even demand money in Gaelic.)

The latest variants speak to victims through recorded audio messages that tell users that if they do not pay within 48 hours, they will face criminal charges. Some even show footage from a computer's webcam to give the illusion that law enforcement is watching.

The messages often demand that victims buy a preloaded debit card that can be purchased at a local drugstore - and enter the PIN. That way it is impossible for victims to cancel the transaction once it becomes clear that criminals have no intention of unlocking their PC.

The hunt is on to find these gangs. Researchers at Symantec said they had identified 16 ransomware gangs. They tracked one gang that tried to infect more than 500,000 PCs over an 18-day period.

But even if researchers can track their Internet addresses, catching and convicting those responsible can be difficult. It requires cooperation among global law enforcement, and such criminals are skilled at destroying evidence.

Charlie Hurel, an independent security researcher based in France, was able to hack into one group's computers to discover just how gullible their victims could be. On one day last month, the criminals' accounting showed that they were able to infect 18,941 computers, 93 percent of all attempts.

Of those who received a ransom message that day, 15 percent paid. In most cases, Hurel said, hackers demanded 100 euros, making their haul for one day's work more than $400,000.

That is significantly more than hackers were making from fake anti-virus schemes a few years ago, when so-called "scareware" was at its peak and criminals could make as much as $158,000 in one week.

Scareware dropped significantly last year after a global clampdown by law enforcement and private security researchers. Internecine war between scareware gangs put the final nail in the coffin. As Russian criminal networks started fighting for a smaller share of profits, they tried to take each other out with denial of service attacks.

Now, security researchers are finding that some of the same criminals who closed down scareware operations as recently as a year ago are back deploying ransomware.

"Things went quiet," said Eric Chien, a researcher at Symantec who has been tracking ransomware scams. "Now we are seeing a sudden ramp-up of ransomware using similar methods."

Victims become infected in many ways. In most cases, people visit compromised websites that download the program to their machines without so much as a click.

Criminals have a penchant for infecting pornography sites because it makes their law enforcement threats more credible and because embarrassing people who were looking at pornography makes them more likely to pay. Symantec's researchers say there is also evidence that they are paying advertisers on sex-based sites to feature malicious links that download ransomware onto victims' machines.

"As opposed to fooling you, criminals are now bullying users into paying them by pretending the cops are banging down their doors," said Kevin Haley, Symantec's director of security response.

More recently, researchers at Sophos, a British computer security company, noted that thousands of people were getting ransomware through sites hosted by GoDaddy, the popular Web services company that manages some 50 million domain names and hosts about 5 million websites on its servers.

Sophos said hackers were breaking into GoDaddy users' accounts with stolen passwords and setting up what is known as a subdomain. So instead of, say, nameofsite.com, hackers would set up the Web address nameofsite.blog.com, then send emails to customers with the link to the subdomain which - because it appeared to come from a trusted source - was more likely to lure clicks.

Scott Gerlach, GoDaddy's director of information security operations, said it appeared the accounts had been compromised because account owners independently clicked on a malicious link or were compromised by a computer virus that stole password credentials. He advised users to enable GoDaddy's two-step authentication option, which sends a second password to users' smartphones every time they try to log in, preventing criminals from cracking their account with one stolen password and alerting users when they try.

One of the scarier things about ransomware is that criminals can use victims' machines however they like. While the computer is locked, the criminals can steal passwords and even get into the victims' online bank accounts.

Security experts warn to never pay the ransom. A number of vendors offer solutions for unlocking machines without paying the ransom, including Symantec, Sophos and F-Secure. The best solution is to visit a local repair shop to wipe the machine clean and reinstall backup files and software.

"This is the new Nigerian email scam," Haley said. "We'll be talking about this for the next two years."

Hundreds queue up for Wii U debut in Japan

Hundreds of people queued up at electronics shops across Japan Saturday asNintendo released its new Wii U game console, hoping to reposition itself in a gaming marketinvaded by online social games.
About 100 people were waiting outside Bic Camera's flagship store in Tokyo's Ikebukuro commercial district before it opened at 8 am, with the number quickly swelling to several hundred, an AFP photographer said.
"I have already ordered one. But I lined up to catch this carnival atmosphere," a 24-year-old graduate student, who waited overnight to become the first Wii U buyer at the Tokyo shop, told local media.
"I want to go home quickly to play the game."

The Japanese electronics titan has already released the successor to its video game console Wii in the United States, Europe and Australia.
More than 425,000 new units were sold in the first week on the US market after its release there on November 18, according to Nintendo.
The original Wii device has sold more than 97 million units around the world since its launch in 2006.

The company plans to sell 5.5 million units of the new console and 24 million pieces of software by the end of March, hoping to turn around business after posting a net loss of 43.2 billion yen ($520 million) in the year to March 2012.
Wii U, equipped with a touch-screen controller called the Wii U GamePad, enables players to play games on a television display or on the GamePad screen.

The suggested retail price of its 8-gigabyte model in Japan is 26,250 yen ($318) and that of its 32-gigabyte model 31,500 yen.
Nintendo has vowed to start a trend in "asymmetrical play" that lets players using GamePad tablets have different in-game perspectives and roles than those using traditional wand controllers.
The new console is also portable -- offering up a challenge to smartphone games -- but still offers players the option to jump, shift and shout as they wriggle their bodies to move the action onscreen, like the original Wii

Now, LCD embedded contact lenses that can display text messages

Researchers have developed new technology that will allow information, like text messages from a mobile phone, to be projected onto a contact lens worn in the human eye.

Ghent University's centre of microsystems technology has developed a spherical curvedLCD display that can be embedded in contact lenses and handle projected images using wireless technology.

"Now that we have established the basic technology, we can start working towards real applications, possibly available in only a few years," the Telegraph quoted Professor Herbert De Smet as saying.

Unlike previous contact lens displays, which are limited to a few small pixels to make up an image, the new technology allows the whole curved surface of the lens to be used.

One application suggested by the researchers is a "one pixel, fully covered contact lens acting as adaptable sunglasses."

"This is not science fiction," Jelle De Smet, the chief researcher on the project, said.

"This will never replace the cinema screen for films. But for specific applications it may be interesting to show images such as road directions or projecting text messages from our smart phones straight to our eye," De Smet added.

Sony announces Xperia E, Xperia E Dual smartphones

Sony Mobile has recently announced the Xperia E and Xperia E dual, Android-based smartphones. The Xperia E is a single sim device while the Xperia E Dual features dual-SIM capability.

Both the devices have similar specifications. The phones have a 3.5-inch display with a 320x480 pixels resolution and are powered by an 1GHz Qualcomm Snapdragon MSM7227A processor. Apart from this both phones feature a 3.2 megapixel rear camera which supports VGA video recording. Along with other specifications like 512MB of RAM, 4GB built-in storage and up to 32GB of expandable memory via a microSD card. Both smartphones are powered by a 1,500 mAh battery.

Apart from the dual-SIM capability another major difference between the two is that the Xperia E runs Android 4.1 Jelly Bean while the Xperia E Dual runs Android 4.0 ICS but it can later be upgradable to Jelly Bean.

These smartphones also feature HD Voice and noise cancellation for improved call quality and are equipped with xLoud for improved sound output. The Xperia E will come in white, black and pink colors and the Xperia E Dual will come in black and gold colors. These smartphones are expected to be available in Q1 2013.

Telenor, Videocon may shut services on January 18

Millions of mobile phone users in India may have to look for new service providers with three telecom operators likely to switch off their networks from January 18. However, the imminent network shutdown offers a window of opportunity for other operators to pick up these subscribers.

Telecom operators Telenor, Videocon and Tata Teleservices, which collectively have about 10 million subscribers in the circles where their licences expire next month, are among the nine telcos whose mobile permits were cancelled by the Supreme Court in February this year in the 2G-spectrum allocation case. The affected operators have permission to use their allocated spectrum till January 18.

In a recent re-run of the auction, Norway's Telenor was able to secure airwaves in only six circles, excluding Mumbai, Kolkata and West Bengal where it has nearly 7.5 million customers.

Similarly Videocon, which managed to retain permits in six regions, will have to shut down GSM operations in 11 circles including the key markets of Mumbai, Maharashtra, Tamil Nadu, Kolkata, Kerala, Karnataka, Andhra Pradesh and Rajasthan, which together account for its nearly 1.7 million users.

The count of affected subscribers is based on end-October data provided by the Cellular Operators Association of India (COAI).

Tata Teleservices, which chose not to bid again for the CDMA airwaves it held in the loss-making zones of Assam, the northeast and J&K, will disconnect services to nearly 300,000 subscribers in these areas.

The government has said it will hold another round of spectrum auctions before March 2013. An inter-ministerial panel is set to meet on Friday to decide on the reserve price for this auction.

A spokesman for the Telenor Group said, "We have been able to ensure business continuity in six circles. In the remaining regions—Mumbai, Kolkata and West Bengal-our services will remain operational at least till January 18." He declined comment on the fate of its nearly 1,200-strong workforce in these regions.

The operator's Indian unit, Uninor, has lost revenue market share in the three months ended September, which analysts at Goldman Sachs attributed to "its reduced footprint going into the 2G auctions".

Videcocon group chairman Venugopal Dhoot did not respond to an emailed query sent by ET seeking information on its plan and potential job losses.

Tata Teleservices, however, said it is taking necessary steps with respect to employees, customers and business partners in the circles where it will stop operations. "TTSL will close down operations in these circles from January 18 and announcements regarding steps being taken will be made in due course," a company spokeswoman said. She did not give more details on the affected workforce.

The company, which has maintained that being a pure play CDMA operator, its legal case is significantly different compared to other mobile operators has filed a curative petition before the Supreme Court seeking restoration of its licences. The petition was filed on May 4 this year but has not been listed for hearing till date.

With no clarity on whether Sistema will procure spectrum in the next auction or whether its curative petition will be heard before January 18, the affected subscriber-base is likely to rise to 26 million.

Experts, however, are divided on whether telcos will go all out to grab new customers in circles where these operators are slated to shut down operations.

"The industry is now mature and mobile phone companies will thoroughly evaluate whether they want to grab more customers, and which ones in particular," said Ernst & Young's Prashant Singhal. "Since a larger portion of these customers would already have two to three SIMs and would be extremely price conscious, they could easily abandon their third or fourth service provider and stick with the ones offering the lowest call and text messaging rates."

Hemant Joshi, partner at Deloitte Haskins & Sells, added that market leaders are likely to do marketing in small pockets for potential customers and not incur heavy cost on dealer or retailers commissions.

But Mahesh Uppal, director of Com First (India), a consultancy dealing in telecom regulatory affairs, disagrees. "Most customers of the cancelled licensees probably do not generate high revenues. Therefore, most operators will not actively seek them. But they would not shun them either since they may be low revenue generating customers but are not "net cost" for a telco," Uppal said, adding that the incremental costs of expanding customer base in a wireless business as opposed to a landline scenario are negligible.

Analysts GV Giri and Balaji Subramanian of IIFL Institutional Equities said in a recent note to clients that the main beneficiaries of Uninor's revenue market share loss in the four suspended circles were Bharti Airtel (Karnataka and Kerala), Vodafone (Orissa), Aircel and RCom (both in Tamil Nadu). Telenor's India unit scaled down operations in these circles earlier this year to optimise costs.

Samsung starts pre-order for Galaxy Music Duos @ Rs 9,199

Samsung India has started taking pre-orders for Galaxy Music Duos, the Android 4.0 (Ice Cream Sandwich)-powered smartphone it showcased in October 2012. The company has priced the device at Rs 9,199 and offers cash-on-delivery option for it.

The all-new Galaxy Music Duos is a dual-simsmartphone aimed at music lovers and comes with two speakers in the front, a dedicated music key and audio technologies like Sound Alive and SRS. This device has a 3-inch LCD touchscreen with 240x320-pixel resolution and runs on an 850MHz processor with 512MB RAM. It has 4GB internal memory and supports 32GB microSD cards for expansion.

Powered by a 1,300mAh battery, the device comes with a 3MP camera without flash and also misses a front-facing snapper. For connectivity, Samsung Galaxy Music Duos has features like Wi-Fi, 3G, 2G, Bluetooth 3.0 and microUSB.

Though Samsung India's e-store currently shows that the new smartphone is not available, online retailer Snapdeal has it in stock. The ecommerce website is offering the device at Rs 8,999.
Key specs of Samsung Galaxy Music Duos:

Display: 3-inch LCD touchscreen with 240x320-pixel resolution;
Operating system: Android 4.0 (Ice Cream Sandwich);
Processor: 850MHz;
RAM: 512MB;
Memory: 4GB internal, support for 32GB microSD card;
Camera: 3MP rear camera;
Connectivity: Wi-Fi, 3G, 2G, Bluetooth 3.0 and microUSB;
Battery: 1,300mAh;
Misc: Dedicated music key, Sound Alive and SRS audio technologies, dual frontal speakers

Apple to launch iPad mini in India @ Rs 21,900

Apple, whose valuation in thestock market fell below $500 billion on Thursday, has reportedly launched iPad mini, fourth-generation iPad and Apple TV in India today. This comes less than a week after the company rolled out iTunes Store in the country, which has not been its priority for long.

iPad mini, which has a 7.9-inch touchscreen, has come to India at starting price of Rs 21,900 for the 16GB Wi-Fi-only version. The 32 and 64GB Wi-Fi-only versions of the device cost Rs 27,900 and 33,900 in the country, respectively. The 16, 32 and 64GB Wi-Fi+4G iterations of Apple's mini-tablet have been priced at Rs 29,900, 35,500 and 41,900, respectively.

The manufacturer has officially launched the fourth-generation iPad in India today. Compatible with 4G networks, the tablet has a 9.7-inch touchscreen with Retina display technology and runs on A6X dual-core processor. The 16, 32 and 64GB Wi-Fi-only variants of the latest iPad are priced at Rs 31,900, 37,900 and 43,900, respectively. Similarly, the 16, 32 and 64GB versions of Wi-Fi+4G enabled iPad cost Rs 39,900, 45,900 and 51,900, respectively, in India.

iPad mini and fourth-generation iPad were showcased by the company on October 23 in the US and began shipping a week later in the international market.