Aggressive ransomware scam redirects to child porn
Posted on 13.09.2013
Getting denounced for viewing or owning child pornography is a huge deal in most Western world countries, so it's no wonder that ransomware peddlers are using that specific - and in this case true - accusation to force victims to part with their hard-earned cash.

The author of the Malware don't need Coffee blog has recently discovered that a relatively new ransomware family dubbed Revoyem (aka DirtyDecrypt) has been terrorizing users all over Europe, Canada and the US (click on the screenshot to enlarge it):

"From a Porn website, you are redirected by a TrafficHolder malvert to a Child Porn themed page (impact 1 : images are highly disturbing here) from which you get infected via Styx which drop you a Ransomware locking your computer displaying disturbing images and telling you just viewed illegal content (impact 2 - amplified cause it's just viewed illegal content even if you've been driven there against your will)," the blogger explains how the attack unfolds.

The victim is presented with laws they have broken, are told the penalties they face, but are also reassured that their computer will be unlocked and they will not have to face prosecution if they pay a significant fine via MoneyPak or PaysafeCard.

Users in different countries see the warning in their own language and it appears to be coming from their own national law enforcement agency.

If you are ever faced with a similar notice, the best thing to do is to actually consult with the police. Given the proliferation of ransom scams like this one, chances are overwhelmingly in your favor that the police is already aware of similar attempts.

Some types of ransomware can be made to unblock the affected computer by typing in a credible payment code that you have supposedly received after paying the fine.

If you are lucky enough to find online an account of someone who has done it and has shared the code with the public, you might be able to unblock the computer yourself. Just remember to scan it afterwards and remove from it the ransomware and any other malware you might find.


The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Oct 31st