Here’s an interesting twist on the Reveton/FBI/police ransomware that has been plaguing internet users lately.
In this example, the malware, which locks you out of your data and demands that £100 be paid via Ukash to regain access to your files, claims to be from the Anonymous hacktivist group.
Part of the message reads:
We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.
Your computer has been hacked by the Anonymous Hackers Group and locked for the moment. All files have been encrypted. You need to pay a ransom of £100 within 24 hours to restore the computer back to normal. If the ransom is not paid on time all the contents of your computer will be deleted and all your personal information such as your name, address, D.O.B, etc. will be published online, after this has been done the processor, ram and motherboard will be fried. Any attempts to remove this virus will result in the consequences mentioned.
Of course, just as ransomware victims should be dubious when demands for cash on their computer seemingly come from the police, they should be equally dubious about whether this particular attack originated from someone affiliated with Anonymous hacktivists.
Although, now I come to think about it, it’s not really possible for Anonymous to deny that it is involved. After all, being truly anonymous means that you don’t know what other people might be doing under the banner of Anonymous.
Ultimately, you can’t believe anything when it comes to Anonymous.
One thing is certain, however, and that’s the need to better protect computers against the threat of ransomware – whoever might be creating it.
Always remember to keep your anti-virus software up-to-date (Sophos detects this particular ransomware as Troj/Ransom-KI), and to run a tight ship when it comes to patching your operating system and applications to protect against vulnerabilities.
That way you’ll be making life much more difficult for the bad guys.
Hat tip: @abuse_ch