Researchers at MalwareHunterTeam spotted the software, called nRansomware on Thursday.
"Your computer has been locked," reads the message, which then asks the victim to email the hackers. "After we reply, you must send at least 10 nude pictures of you. After that we will have to verify that the nudes belong to you."
It's not quite clear yet how many people have been hit with this ransomware, or how serious the hackers behind it really are, but nRansom.exe, is classified as malicious by VirusTotal.
Malware can end up on these repositories if someone manually submits an entry and details what it does and how, or if malware is submitted and is then automatically analyzed. Motherboard attempted to infect a virtual machine with the malware but was unable to do so.
But it could very well be a prank that doesn't actually encrypt a victim's files. The malware also appears to play looped music that is the Curb Your Enthusiasm theme song—in the background.
Motherboard said: "In any case, while this ransomware is clearly gross, sadly, it's not unexpected. Hackers have for years used malware to spy on women and steal their nudes or access their webcams."
We agree. Just when you thought it could not sink any lower... it did.
And while we are talking extortion, this just came in from down under, and it has been spotted in America as well. Email scammers are targeting Australians with pornography and adult dating links which are then followed up with extortion attempts in an aggressive new form of attack.
Internet security firm Forcepoint says it picked up more than 33,500 such emails last week, peaking on August 16 when around 16,000 were intercepted. Australian email addresses were the main target, with France also coming under fire.
Unlike ransomware attacks, which hold users’ data to ransom, the scam threatens to steal users’ privacy, linking together emails that say “look at this”, then “we know what you just looked at”, demanding $US320 payment in Bitcoin.
The email informs the user that a virus was installed on a porn website which recorded the victim through their webcam. “Then my software collected all your contacts from messengers, e-mails and social networks,” it says.
“If I don’t receive my Bitcoins I’ll send video with you to all your contacts.”
Carl Leonard, principal security analyst at Forcepoint, said cyber-extortion was a prevalent tactic today. While it largely takes the form of ransomware, he said data exposure threats were growing in popularity.
“Cyber-blackmailing continue to prove as an effective tactic for cybercriminals to cash out on their malicious operations,” he said. “In this case, it appears that a threat actor group originally involved in adult dating scams have expanded their operations to cyber-extortion campaigns as a result of this trend.”
He said company email addresses were specifically targeted, which would have added additional pressure to potential victims “since it implies that a recipient’s work PC was infected and may therefore taint one’s professional image”.
Here is a new term: Faketortion
“It is important for users to verify claims from the internet before acting on them,” he said. “Most online attacks today require a user’s mistake before actually becoming a threat. This is something that can be mitigated by addressing the weakness of the human point.”
But Mr Leonard said the scale of this campaign suggested the scammers were bluffing about having compromising information. This led us to believe that these are simply fake extortion emails. We ended up calling it ‘faketortion’.”
Get the most informative and complete ransomware hostage rescue manual.
This 20-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit
PS: Technically speaking, your users are the new DMZ, and you have to create a human firewall. Effective security awareness training really is a must these days. Find out how affordable this is and be pleasantly surprised.