Aggressive ransomware scam redirects to child porn
Posted on 13.09.2013
Getting denounced for viewing or owning child pornography is a huge deal in most Western world countries, so it's no wonder that ransomware peddlers are using that specific - and in this case true - accusation to force victims to part with their hard-earned cash.

The author of the Malware don't need Coffee blog has recently discovered that a relatively new ransomware family dubbed Revoyem (aka DirtyDecrypt) has been terrorizing users all over Europe, Canada and the US (click on the screenshot to enlarge it):



"From a Porn website, you are redirected by a TrafficHolder malvert to a Child Porn themed page (impact 1 : images are highly disturbing here) from which you get infected via Styx which drop you a Ransomware locking your computer displaying disturbing images and telling you just viewed illegal content (impact 2 - amplified cause it's true...you just viewed illegal content even if you've been driven there against your will)," the blogger explains how the attack unfolds.

The victim is presented with laws they have broken, are told the penalties they face, but are also reassured that their computer will be unlocked and they will not have to face prosecution if they pay a significant fine via MoneyPak or PaysafeCard.

Users in different countries see the warning in their own language and it appears to be coming from their own national law enforcement agency.

If you are ever faced with a similar notice, the best thing to do is to actually consult with the police. Given the proliferation of ransom scams like this one, chances are overwhelmingly in your favor that the police is already aware of similar attempts.

Some types of ransomware can be made to unblock the affected computer by typing in a credible payment code that you have supposedly received after paying the fine.

If you are lucky enough to find online an account of someone who has done it and has shared the code with the public, you might be able to unblock the computer yourself. Just remember to scan it afterwards and remove from it the ransomware and any other malware you might find.









Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //