Easily deflected ransomware relies on victims' embarrassment
Posted on 18.12.2013
The appearance of Browlock ransomware earlier this year demonstrates that this type of malware does not need to wreak much havoc on the targets' computer to be taken seriously.

Browlock does not download child abuse material and it doesn't encrypt files on the targets' computer. In fact, if doesn't even block the entire computer.


"This ransomware is instead a plain old Web page, with JavaScript tricks that prevent users from closing a browser tab," explains Symantec's Gavin O Gorman. "It determines the userís local country and makes the usual threats, claiming that the user has broken the law by accessing pornography websites and demands that they pay a fine to the local police."

The browser-based Browlock has many warning notices in different languages up its sleeve, but currently targets mostly US, European, Canadian and Australian users.

The cyber crooks wielding the malware are keeping the costs down to a minimum. As there is no malicious executable to be served and installed, they just need to pay for adult-themed malvertising that redirects traffic to the websites sporting the message.

Judging by the number of these redirections Symantec blocked since September (1.8 million), the malvertising approach is extremely successful. Who knowns how many redirections have been blocked by other security companies, and how many were successful because users don't use a security solution capable of it?

Ultimately, when landing on one of these sites users can't close the tab, but can make the notice disappear by closing the browser window. You would think that such an easily deflected attack would not be successful enough for the crooks to keep doing it, but you would be wrong.

"The usual ransomware tactic of targeting users of pornographic websites continues to capitalize on a victimís embarrassment and may account for the success rate," the researcher concludes.









Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //