Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Crime Security Spam IT

Inside a Ransomware Money Machine 158

Posted by Unknown Lamer
from the spam-this-time-it-breaks-your-legs dept.
tsu doh nimh writes "The FBI is warning that it's getting inundated with complaints from people taken in by ransomware scams that spoof the FBI and try to scare people into paying 'fines' in lieu of going to jail for having downloaded kiddie porn or pirated content. KrebsOnSecurity.com looks inside a few of the scams in the FBI alert, and it turns out it only takes 1-3 percent of victims to pay up to make it seriously worth the fraudsters' while."
This discussion has been archived. No new comments can be posted.

Inside a Ransomware Money Machine

Comments Filter:
  • Re:Scams (Score:4, Informative)

    by h4rr4r (612664) on Wednesday August 15, 2012 @09:19AM (#40996455)

    Yes, me. I got one of these emails, but since I know that is not how the FBI operates I deleted it.

  • Hah! (Score:5, Informative)

    by Anonymous Coward on Wednesday August 15, 2012 @09:20AM (#40996479)

    My buddy got one of those from watching waaaaayy too much porn, and actually called the FBI who told him it was a virus.

    What it does is lock your screen with an FBI logo and official-looking message, even displaying the output from the webcam if there is one, saying that unless the mark pays $200 or so using a Bitcoin-like form of payment one can get at convenient stores, the user will be arrested for downloading CP and/or "copyrighted material." Certain keys are locked, obviously, so you can't do the 3-finger salute and kill it with the task manager.

    A boot into safe mode and a little MsConfig was enough to fix, though not remove, the malware.

    -- Ethanol-fueled

  • by RobertLTux (260313) <robert@nOSPAM.laurencemartin.org> on Wednesday August 15, 2012 @09:40AM (#40996699)

    once you have the mattress home it is legal for you to remove the tag but after that you can't resell the mattress.

  • by viking099 (70446) on Wednesday August 15, 2012 @09:50AM (#40996821)

    Back when I was working the computer labs at my university, we used a product by Centurion [centuriontech.com] to secure our workstations.

    We would build an image, then lock down this little device installed in the case.

    The computer user never even notices it, and they can write to temp folders and change settings, and everything.

    When the computer is then rebooted, this device just reloads the OS from the "locked" partition, and it's just like it ever was.

    Day to day it was great, but applying updates was a pain because you had to visit each system and unlock it manually. This was 15 years or so ago, so I'm sure they have a better system in place now, but it worked pretty well for our group and the hundreds of computers we maintained.

  • Re:Hah! (Score:3, Informative)

    by hillbluffer (1684134) on Wednesday August 15, 2012 @10:28AM (#40997305) Homepage
    Here's how to get totally rid of it http://goo.gl/Av1Pm [goo.gl] Short answer is, keep your anti-virus up to date!
  • Re:Hah! (Score:3, Informative)

    by Anonymous Coward on Wednesday August 15, 2012 @10:28AM (#40997307)

    My buddy got one of those from watching waaaaayy too much porn

    No, your buddy got it from downloading and executing malware. You can look at an unlimited amount of porn, but if your policy is that you don't run code that you have reason to trust, then you can't get infections. Porn is still as safe as it has always been.

  • by g1zmo (315166) on Wednesday August 15, 2012 @01:17PM (#40999389) Homepage
    At my last job in a university library, they used the same approach (but different product [wikipedia.org]) for keeping the public PC stations locked down.

Hold on to the root.

Working...