Jump to content

New Ransomware Targets Pedophiles


straycat19

Recommended Posts

Proofpoint researchers spotted a ransomware dubbed Ransoc that uses bold tactics to target and extort pedophiles and torrent users.


While anyone with an unsecured machine may be infected, Ransoc scrapes Skype and social media profiles for personal information while it scans files and torrents for potentially sensitive information, including strings associated with child pornography in an attempt to gain more leverage on the victims who may have child pornography or other illegal files, according to a Nov 14 blog post.


The ransomware is spread via malvertising primarily fed by the Plugrush and Traffic Shop traffic exchanges on adult websites and looks to infect Internet Explorer on Windows and Safari on OS X.

 

Once a user is infected the malware uses a screen locker displaying information from the victim's social media  and may display a customized “Penalty Notice” if the malware believes it has spotted illegal files on a user's device.


The notice also threatens to take the victim to trial and to publicly release all of the files collected by the ransomware if the victim doesn't pay. Researchers noted in the blog that the ransomware is targeting the victim's reputation rather than their files.


The malware also attempts to encourage payment by telling users their ransom will be refunded if the victim isn't caught again within 180 days.


The collection method also displayed the confidence level that the malware's authors have as it request credit card information which is easier for authorities to trace than Bitcoin or other crypto currencies. Researchers said in the post that this implies the attackers are confident victims would rather pay the ransom.


“This ransomware is unique in how it functions and the sorts of information it collects,” Proofpoint's Threat Operations Center Vice President Kevin Epstein told SC Media via emailed comments. “It's blackmail-ware rather than hostage-ware.”

 

Source

Link to comment
Share on other sites


  • Replies 8
  • Views 836
  • Created
  • Last Reply
10 minutes ago, straycat19 said:

“It's blackmail-ware rather than hostage-ware.”

 

Heh Heh. When you have them "by the balls..."

Link to comment
Share on other sites


Who is to trust malware authors anyways. This could pose a huge problem in the near future.

 

Might be used against p2p network users in general. Whether you download movies, music or software.

 

A Robin Hood like attitude should not be an acceptable excuse to let this virus roam freely. Framing people won't be far from their reach either.

Link to comment
Share on other sites


1 hour ago, straycat19 said:

The malware also attempts to encourage payment by telling users their ransom will be refunded if the victim isn't caught again within 180 days.

 

They seem to have a really refined sense of black humor!

Link to comment
Share on other sites


pedos deserve what ever they get at same time virus could be used against regular file sharers. think maybe a better way to deal with a pedo.

Link to comment
Share on other sites


Finally.a good cause ransom 

Link to comment
Share on other sites


7 hours ago, knowledge said:

i have no problems with this

 

7 hours ago, straycat19 said:

victims who may have child pornography or other illegal files

 

I find that last bit a little worrisome.  What exactly do they define as "other illegal files"? 

Link to comment
Share on other sites


On 20/11/2016 at 7:08 AM, Xionic said:

Finally, a good cause ransom 

 

On 20/11/2016 at 1:32 AM, knowledge said:

I have no problems with this

Neither do I. ;)

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...