New Form of Ransomware Uses Social Media to Customize Demands | Hacked: Hacking Finance
Hacked: Hacking Finance

Vulnerabilities

New Form of Ransomware Uses Social Media to Customize Demands

Posted on .

New Form of Ransomware Uses Social Media to Customize Demands

Introduction

This article was posted on Sunday, 22:29, UTC.

A new form of ransomware is reported to have been found that uses a person’s social media and computer files to customize a demand, according to cybersecurity researchers at Proofpoint.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

Called ‘Ransoc’ by the researchers because of its connection to social media, they found that the malware was scanning local media filenames and running several routines by interacting with Skype, LinkedIn, and Facebook profiles, infecting the system through Internet Explorer on Windows and Safari on OS X.

What’s interesting about this new type of ransomware is the fact that unlike ransomware such as Locky, which encrypts a person’s files before demanding payment, Ransoc customizes its demands to its victims.

After scanning a person’s computer files and social media to find potentially incriminating evidence, it then sends a penalty notice, threatening victims with court action if the amount isn’t paid.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

As it doesn’t encrypt a person’s files, the ransomware relies on a victim’s fear to pay the money straight away.

According to Proofpoint, though, this type of penalty notice threat was widespread during 2012 and 2014; however, since then the focus has been on crypto ransomware and other malware as a way of scamming victims out of their money.

Interestingly, enough, the team at Proofpoint discovered that the penalty notice only appeared if the malware was able to locate incriminating evidence on the computer. If, however, the file name was manually changed no penalty notice was triggered.

// -- Get exclusive consultation for as low as $249 per month on MoneyMakers.com -- //

Not only that, but the team found that instead of demanding the payment in bitcoin, which is what the vast amount of cybercriminals using malware demand, this one demanded payment with a credit card. Unlike bitcoin, which gives criminals anonymity, the use of a credit card means that law enforcement can potentially trace the money back to the criminals a lot easier.

The fact that this method is used could suggest that the cybercriminals are happy in the belief that the victims have too much to hide to seek out help from the police. To encourage payment, though, the ransom note states that the money will be sent back to the victim if they are not caught again in 180 days.

It’s safe to say that repayment never happens.

All, it seems, is not lost.

According to Proofpoint, the Ransoc only employs a registry autorun key to persist, so rebooting in Safe Mode should allow users to remove the malware.

Featured image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Rebecca Campbell

Rebecca Campbell

There are no comments.

View Comments (0) ...
Navigation
The team:
Dmitriy Lavrov
Analyst
Dmitriy Lavrov is a professional trader, technical analyst and money manager with 10 years of trading experience. He covers Forex, Commodities and Cryptocurrencies. He is among the top 10 most Read More
Jonas Borchgrevink
Founder
Jonas Borchgrevink is the founder of Hacked.com and CryptoCoinsNews.com. He is a serial entrepreneur, trader and investor. He shares his own personal journey on Hacked.com. // -- Discuss and ask Read More
P.H. Madore
ICO Analyst
P. H. Madore lives in Arkansas with his wife and children. He has covered the cryptocurrency beat over the course of hundreds of articles for Hacked’s sister site, CryptoCoinsNews, as Read More
Mate Csar
Analyst
Trader and financial analyst, with 10 years of experience in the field. An expert in technical analysis and risk management, but also an avid practitioner of value investment and passive Read More
Justin O’Connell
Journalist
Justin O’Connell is a cryptocurrency journalist who works have appeared in the U.S.’s third largest weekly, the San Diego Reader & VICE. // -- Discuss and ask questions in our community Read More
Mati Greenspan
Analyst
Senior Market Analyst at Etoro.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Important: Never invest Read More
Rakesh Upadhyay
Analyst
Rakesh Upadhyay is a Technical Analyst and Portfolio Consultant for The Summit Group. He has more than a decade of experience as a private trader. His philosophy is to use Read More
Pamela Meropiali
Account Manager
Pamela Meropiali is responsible for users on Hacked.com. // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Read More
Joseph Young
Journalist
Joseph Young is a finance and tech journalist & analyst based in Hong Kong. He has worked with leading media and news agencies in the technology and finance industries, offering Read More
Black Friday, the start of the Christmas shopping season in…