
Inside a Ransomware Money Machine

Posted by Unknown Lamer
from the spam-this-time-it-breaks-your-legs dept.
tsu doh nimh writes "The FBI is warning that it's getting inundated with complaints from people taken in by ransomware scams that spoof the FBI and try to scare people into paying 'fines' in lieu of going to jail for having downloaded kiddie porn or pirated content. KrebsOnSecurity.com looks inside a few of the scams in the FBI alert, and it turns out it only takes 1-3 percent of victims to pay up to make it seriously worth the fraudsters' while."
  • by Anonymous Coward on Wednesday August 15, 2012 @10:31AM (#40996591)

    You'd be surprised at how ignorant folks are. Particularly older users tend to take real
    appearing emails at face value. I've told my parents to treat ALL commercial emails
    as fake, even if they are from some organization they actually do business with. Call
    the organization 800 number, go to the web page directly (not via "links" in the email). Yes,
    it is a pain/loss of functionality, but so is getting taken, and ignoring them all ends up being the safer
    approach... The above policy started after they got one of the fake anti-virus trojans...

  • by gstoddart (321705) on Wednesday August 15, 2012 @10:36AM (#40996663) Homepage

    it turns out it only takes 1-3 percent of victims to pay up to make it seriously worth the fraudsters' while

    Isn't this about the same percentage as any spam campaign? That's pretty much why it's still profitable.

    Though, you'd think that most people would realize that law enforcement doesn't simply send you an email demanding you pay a fine or face criminal charges -- there really isn't that option as far as I know. Well, at least not in all countries.

  • by sageres (561626) on Wednesday August 15, 2012 @10:43AM (#40996727)

    Just a horrible observation: this has seriously gotten out of hand and it is getting worse. Back twenty years ago, there were only a limited number of known viruses, such that the identity definitions / checksums of all of them could have fitted in a single database file small enough for a single floppy disk. Nowadays the combination of complicated operating systems with weak security, security bugs in internet software and an abundance of poor programmers in 3rd world countries willing to sell their code of ethics, morals and their mother for two thousand dollars per exploit makes it virtually impossible for anti-virus companies to maintain a product and database to keep these off.
    In my experience, my customers in most cases were duped into downloading these pieces of thiefware. My personal thought back then was "I wish I could lock this computer in a read-only state so that they can not do absolutely anything stupid except turn it on, browse and turn it back off."

    In light of this there must be a new way of conducting Internet browsing and software management on local computers. My personal thought was a full read-only operating environment periodically verified with full checksum for its integrity, on which any software updates or new software installs are simply impossible / or new installs are allowed based on reputation scores of such software.

    But seriously, are there any schemes or research out there that has been working on the topic of creating a managed secure environment for average consumers?

  • by asdf7890 (1518587) on Wednesday August 15, 2012 @11:10AM (#40997063)

    2. Knowing proper spelling and grammar in your native language.

    There have been suggestions that some of the scammers use this as a mark filter: people put off by the spelling/grammar would be unlikely to follow through to the end anyway, so put them off early so you can concentrate on the others. People who fall for the scam despite the presentation are better quality marks and more likely to pay out (either because they have done something wrong and are feeling guilty, or because they don't speak the language well enough to spot the telltale problems, or simply because they are just plain thick).

    Though I think that the simpler explanation (most of the scammers simply fail to create a good presentation in the target language) is more likely, at least in most cases.

  • by HungryHobo (1314109) on Wednesday August 15, 2012 @11:45AM (#40997547)

    " If I demand money or I will shoot him, that's blackmail."

    No, that's extortion.

    Blackmail would be threatening to tell your wife about your mistress. Blackmail can include things you would otherwise be perfectly legally allowed to do.

    You may have every legal right to expose the trips made to a bathhouse by a homophobic republican senator but if you demand money from him in exchange for *not* revealing that secret, that's illegal.

  • by EdIII (1114411) on Wednesday August 15, 2012 @12:04PM (#40997783)

    Depends on the ransomware. I have run across the FBI thing twice now and the real problem is that the machine had business data. Paying to get access to your business data was the main reason why they were willing to pay.

    These particular variants were making it difficult to locate data since they had silently redirected the My Documents folder. If you could get out of it and back into safe mode you would see your data missing unless the ransomware program was actually running.

    Even more problematic is that some of these programs encrypt the data. Then you really have a problem.

    It's a hard lesson of why you need to keep business machines and fapping stations separate.
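The silent My Documents redirection described in the comment above is recorded in the current user's "User Shell Folders" registry key; the following PowerShell check (an added example, not code from the thread or from Krebs' article) lists any known-folder entry that resolves outside the user profile, to a Temp location, or to a path that no longer exists. It assumes it is run as the affected user on a Windows machine (for instance after booting into safe mode, as the commenter did), and the flags are review hints rather than verdicts, since domain folder redirection to a file share is a legitimate reason for a path outside the profile.

```powershell
# Added example: audit known-folder redirections for the current user.
# "Personal" is the My Documents entry; the other names are Desktop, Favorites,
# or GUIDs for newer known folders such as Downloads.
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
$userProfile = [Environment]::GetFolderPath('UserProfile')
$item = Get-Item -Path $key

foreach ($name in $item.GetValueNames()) {
    # Read the raw REG_EXPAND_SZ so %USERPROFILE% stays visible in the report,
    # then expand it separately to get the path Explorer will actually use.
    $raw  = $item.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
    $path = [Environment]::ExpandEnvironmentVariables([string]$raw)
    $flags = @()

    if (-not $path.StartsWith($userProfile, [StringComparison]::OrdinalIgnoreCase)) {
        $flags += 'outside user profile'
    }
    if ($path -match '\\Temp\\') {
        $flags += 'temp location'
    }
    if (-not (Test-Path -LiteralPath $path)) {
        $flags += 'target missing'
    }

    if ($flags.Count -gt 0) {
        [pscustomobject]@{
            Folder   = $name
            Raw      = $raw
            Resolved = $path
            Flags    = ($flags -join ', ')
        }
    }
}
```

An empty result means every known folder still points inside the profile and exists; a redirected "Personal" entry is the case the commenter hit, and restoring the original value (normally %USERPROFILE%\Documents) and moving the data back is the fix once the running malware has been removed.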
