Just how sick can a hacker get?

Bouncing babies

Just how sick in the head do you have to be if you’re a computer criminal?

We’ve seen them exploiting misery in all imaginable ways: from natural disasters such as tsunamis and hurricanes,to terrorist bombings and even mining accidents.

Today we saw a large amount of malicious spam claiming that the recipient’s baby child had been kidnapped, and demanding a $50,000 ransom.

Of course, if you were foolish to look at the “photos” you would be opening up your Windows PC to a malware infection by the Troj/Resex-Fam Trojan horse, which then downloads further malicious software from the internet.

Before you know it hackers have taken control of your PC, and are stealing your identity, or using your computer as a spam relay, or launching distributed denial-of-service attacks, or – indeed – all of the above!

The email claims that your baby has been kidnapped

The email claims that your baby has been kidnapped.

More information about this attack can be found in the advisory we posted on the Sophos website, and on the SophosLabs blog.

This should be a reminder to everyone – even if a trick seems disgusting and beyond belief, it’s not too low for a hacker to consider using. It’s all very depressing, but sadly not at all surprising.

To try and cheer myself up, I’ve illustrated this blog story with a screen capture of an old DOS game from yesteryear – “Bouncing babies”. It’s a distant reminder of the halcyon days before we had to worry about email attacks, before we were troubled by spyware, and when sunshine was a regular fixture of the English summer.