Easily deflected ransomware relies on victims' embarrassment
Posted on 18.12.2013
The appearance of Browlock ransomware earlier this year demonstrates that this type of malware does not need to wreak much havoc on the targets' computer to be taken seriously.

Browlock does not download child abuse material and it doesn't encrypt files on the targets' computer. In fact, if doesn't even block the entire computer.


"This ransomware is instead a plain old Web page, with JavaScript tricks that prevent users from closing a browser tab," explains Symantec's Gavin O Gorman. "It determines the userís local country and makes the usual threats, claiming that the user has broken the law by accessing pornography websites and demands that they pay a fine to the local police."

The browser-based Browlock has many warning notices in different languages up its sleeve, but currently targets mostly US, European, Canadian and Australian users.

The cyber crooks wielding the malware are keeping the costs down to a minimum. As there is no malicious executable to be served and installed, they just need to pay for adult-themed malvertising that redirects traffic to the websites sporting the message.

Judging by the number of these redirections Symantec blocked since September (1.8 million), the malvertising approach is extremely successful. Who knowns how many redirections have been blocked by other security companies, and how many were successful because users don't use a security solution capable of it?

Ultimately, when landing on one of these sites users can't close the tab, but can make the notice disappear by closing the browser window. You would think that such an easily deflected attack would not be successful enough for the crooks to keep doing it, but you would be wrong.

"The usual ransomware tactic of targeting users of pornographic websites continues to capitalize on a victimís embarrassment and may account for the success rate," the researcher concludes.









Spotlight

Successful strategies to avoid frequent password changes

Posted on 19 August 2014.  |  After a widespread, nonspecific data breach, the conventional wisdom is that people should change all their passwords. But, thereís a better way.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Aug 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //