Feeds

'NSA PRISM spies' shake down victims with bogus child-abuse vids claims

Punters falsely accused of being scumbags told to pay $300 to unlock PCs

Boost IT visibility and business value

Crooks are using the NSA's notorious global web surveillance scandal in new ransomware: punters visiting booby-trapped websites are falsely accused of downloading illegal material, told their PCs are now locked from use, and ordered to hand over a cash "fine" to unlock their computers.

Cloud security firm Zscaler has spotted 20 hijacked domains hosting malicious web pages that attempt to trick naive web surfers into installing virus-killing scareware (because it's claimed their computer is supposedly riddled with malware) or handing over money to unlock PCs that have supposedly been used to download images of child abuse.

Marks are either confronted with a warning that malware has supposedly been detected on their computer, or a bogus NSA PRISM-themed alert. In both cases, the goal is to scare the target into paying the attacker to "fix" their computer.

The campaign started off by pushing fake antivirus software (aka scareware) on the pretext that viruses had supposedly been detected on a mark's computer and money had to be paid out to have the nasties removed.

Now it's pushing a ransomware scam, which claims that child porn has been detected on a PC. The user is told he or she can "avoid prosecution" by handing over $300. In the meantime the ransomware says it locks victims out of their machines.

These shenanigans have been common on the web for years, and it's only the PRISM angle that adds a new spin. Scammers are obviously hoping that their marks pay up to resolve the problem without giving this any further thought. The proposed opt-in system to allow adults to look at legit porn sites in the UK laws may inadvertently help the preposterous con appear a tad more plausible, according to Zscaler.

Accused ... how the ransomware appears in the web browser (click to enlarge)

"The attacker uses the recent news about PRISM to claim that the victim's computer has been blocked because it accessed illegal pornographic content," a blog post by Zscaler ThreatLabZ researcher Julien Sobrier explains.

"The victim has to pay $300 through MoneyPak, a prepaid card service."

"The ThreatLabZ team expect attackers to take advantages of the upcoming UK laws on accessing adult content online to send new types of fake warnings to UK victims." ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
Microsoft: We plan to CLEAN UP this here Windows Store town
Paid-for apps that provide free downloads? Really
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Hear ye, young cyber warriors of the realm: GCHQ wants you
Get involved, get a job and then never discuss work ever again
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?