A new type of ransomware that tries to fool victims using Macs or Windows into paying fines of $300 could be making its authors hundreds of thousands of dollars a day, according to a senior security researcher at Malwarebytes.
Jerome Segura wrote in a blog that the scam displays a message purportedly from the FBI telling the user that his or her browser has been locked for reasons including “violation of copyright and related rights law” or “viewing or distributing prohibited pornographic content”.
The user is instructed to pay a “release fee” of $300 via MoneyPak to have the browser unlocked.
“You can bet many people are going to fall for this scam and pay the ransom money, filling the bad guys’ pockets,” Segura said. “Based on traffic rankings gathered by Alexa’s ranking system, we can get an idea of how many users were directed to the ransom page. One such site had 50K hits for one day. Say that 2% – or 1,000 visitors – actually end up paying the ransom, you are looking at $300K in the bad guys’ pockets in just one day.”
He said the sites loading the ransomware had an IP address in Russia.
The ransomware would run on “pretty much all browsers, Windows or OS X,” Segura said. “However, Windows users are normally served a drive-by download and get a full (and real) computer lock. Mac users did not have to worry about that, but yet with this new technique, the bad guys are targeting both platforms by using a very basic script and leveraging what works best: social engineering.”