Introducing Ransomware

27 03 2013

I am guilty of not regularly following malware scam security threats, it seems most can be easily prevented and are typically trigged by user actions.   However,   a new variant has recently surfaced that is interesting as it leverages both technical and emotional measures to exploit money.     That variant is Ransomware which display’s a message that a user’s PC is locked due to a crime they committed and payment must be issued prior to resuming use of the PC.

Symantec has created a detailed white paper on this new threat which estimates yearly revenue from the ransomware in excess of $5 million dollar. And even more suppressing approximately 3 out of every 100 users receiving the message pay the fine.     That begs the question, how are so many people fooled by a virus and willing giving pay the malware creator?

To start with, let’s look at examples of messages shown to potential victims:

1

2

 

While the success of the first message of seems very unlikely based on the overall structure of the page, wording and how to pay.    However, the second message contains mock FBI branding,   web cam picture snap shot,   and a fairly open description of the crime.    While some details of the message are overly specific and highly offensive to the mass population, a final comment adds files accessed with/without knowledge due to a virus   This is likely how the malware developers have been successful, creating a feeling of guilt in the user for downloading an illegal pirated song or the possibility a virus has downloaded something worse.

In addition to use in the private sector,   is it really impossible for a government to employee malware based tools for a minor infraction such as a pirated song or downloading a movie still in theaters?     Looking into this further, Kaspersky has published a detail report of governments creating malware for espionage against other governments and organizations.  In addition, there are confirmed reports of governments such as Germany using malware to spy on their own citizens.

It seems both ransomware and government adoption of malware are clear emerging patterns, the question becomes will these to paths intersect?  Will ransomware be the next product governments look to adopt, creating the real possibility of automated enforcement of FBI cybercrimes?

_____________

(1)   http://en.wikipedia.org/wiki/Ransomware_(malware)

(2)   http://arstechnica.com/security/2012/11/mushrooming-growth-of-ransomware-extorts-5-million-a-year/

(3)   http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/ransomware-a-growing-menace.pdf

(4)   http://thenextweb.com/insider/2013/01/14/kaspersky-uncovers-red-october-malware-campaign-targeting-governments-for-the-last-5-years/

(5)   http://thenextweb.com/insider/2013/01/14/kaspersky-uncovers-red-october-malware-campaign-targeting-governments-for-the-last-5-years/

(6)   http://www.geekosystem.com/german-gov-trojan/

(7)   http://www.fbi.gov/knoxville/press-releases/2012/internet-scam-warning-reveton-ransomware

Advertisements

Actions

Information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: