Hello! You must login or signup first!

Ransomware

Added 8 years ago / Updated 8 years ago
Accessdenied

Submission   12,553

[View Related Sub-entries]

Navigation
AboutOriginSpreadSearch InterestExternal ReferencesRecent ImagesRecent Videos

About

Ransomware is a type of malicious software that infects a computer and blocks access to the machine's system files, demanding a payment from the owner before the restriction is removed.

Origin

In 1989, London, England resident Dr. Joseph Popp authored a trojan horse virus known as the Aids Info Disk, which prevented users from accessing certain directories and encrypted the C: drive, demanding a payment to a post office in Panama to unlock the files. Popp was subsequently arrested by British authorities and charged with eleven counts of blackmail.

I N T R OD U CTION Welcome to the interactive computer program called AIDS Information. This program is designed to provide up-to-date information about you and the fatal disease AIDS (Acquired Immune Def iciency Syndrome). The health information provided to you by this program could save your life Here is how the program works: First, the computer wi11 ask you a series of questions about your personal background, behaviour and medical history. Then the program wll calculate your chances of being infected with the AIDS virus and inform you about your present degree of risk Then it will provide you with advice on what you can do to reduce your risk of future infection, based on the details of your own ifestyle and history. Finally, it wi11 give you the chance to ask questions or to make comments Press ENTER to continue or press ESCAPE for Menu Options

Spread

In September 2005, the tech news blog NetworkWorld[4] published an article describing ransomware as the "latest security worry." Several ransomware programs surface online over the next year, including the GPCode trojan horse virus which was circumvented by international software security group Kaspersky Lab.[5] Up until June 2008, several iterations of the malware resurfaced online. In 2010, 10 people were arrested in Russia that were implicated in creating the WinLock ransomware trojan. The following year, a malware program mimicking a Windows Product Activation notification began circulating online, which tricked victims into calling a number to collect international long distance charges. In 2012, the ransomware trojan Reveton, based on the Citadel trojan virus, began infecting a wide distribution of computers, displaying a false messaging informing the user they had been flagged for pirating software or downloading child pornography (shown below).

ASTRATHCLYDE POLICE METROPOLITAN POLICE Attention!!! The process of legal activity s detected. Accordng to UK law and Metropoltan Polce Service and Strathclyde Poice investigation your computer s locked material toward people were visited from this IP-address Moreover and e-mail spam was sent you're your computer, e-mails containing terroristic materials. This locking serves to stop your Begal activity. The following violation is detected: you IP-address Forbidden websites containing p----------, child p----------, Sodomy and called violence against children on, violent IP: Location: United Kingdom, Belton SP. BTnet UK Repional network Your details: To release a lock your computer you should pay the fine in amount of E 100. In the case of ignoring the payment, the program will remove illegal materials while keeping your personal information is not guaranteed. Ukashi Where can I buy Ukash? You could buy Ukash in many places, for example: shops, stalls, stand-alone terminals, on-line or through E-Wallet (electronic cash). Below you could find the list of point of sale Ukash in your country. You could pay the forfeit in two ways: Epay-you could buy Ukash in thousands of supermarkets or call-Shops which have this logo. 1) Paying through Ukash: Use the code received for this purpose. Enter it in the space for payment and d--- OK (If you have more than one code, enter them one after another and then click oK). Paypoint-Get Ukash wherever you see the Pafnt sgn. Payzone Ukash available from Payzone terminals around the UK (#you have more than one code, enter them one after another and then do In case the system informs about an error send the code to Inpay You can get a Ukash voucher in values from E10-E500 and pay · 2) Paying through Paysafecard: Use the code (and a password if needed) received for this purpose. Enter it in the space for payment and click OK (if you have more then one code, enter them one after another and then click OK). OK Epaysafecard In case the system informs about an error send the code to OK

On October 11th, the tech news site TorrentFreak[3] reported that a ransomware virus was circulating that falsely informed infected machines that they had been included in a Stop Online Piracy ACT black list (shown below).

Your computer is locked Stop Online Piracy Automatic Protection System Your identification number: 1643 Your IP address: If you see a warning.bxt or warning screen, it means your IP address was included in S.O.P.A. Black List. One or more of the following items were made from your PC: 1. Downloading or distrbuting audio or video files protected by Copyright Law 2. Downloading or distributing llegal content (child p---, phishing software, etc.) 3. Downloading or distributing Software protected by Copyright Law Q: How can I make sure that you can really decipher my files? A: You can send one ciphered fle on emal UNLOCK@SOPASYSTEMCOM (ndicate your lD and IP adcress in the message tite), in the response message you receive the deciphared fie. Q: Where can I purchase a MoneyPak? A: MoneyPak can be purchased at thousands of stores nationwide, including major retalers such as Wal-Mart, Walgreens CVS/pharmacy, Rite Aid, Kmart, Kroger and Meijer As a result of these infringements based on Slop Online Piracy Act (H.R. 3261) you PC and files are now blocked You can remove you IP from black list and unlock PC and files by paying a fine of 200 (USA and Canada) / 200EUR (via Western Union to other Countries) Q: How dol buy a MoneyPak at the store? A: Pick up a MoneyPak from the Prepaid Product Section or Green Dot display and take it to the register. The cashier wil collect your cash and loadit onto the MoneyPak Q: What if I don't have possibility to purchase prepaid voucher? STEP 1: Buy a moneypak prepaid voucher for the amount of $200 at the nearest store. A: You can send money in amount of 200EUR by WesternUnion as altsmative option. STEP 2: Enter your prepald voucher number and your email address in the fields below then dlick PAY and you will be prompted to enter the unlock code. OR Send an e-mail at UNLOCK@SOPASYSTEM.COM. Indicate your ID in the message title and provide moneypak prepaid woucher number. WARNINGIlE: If you don't pay the fine within 72 HOURS at the amount of 200.00 USD, all your computer data will be erased y have any questions please contact us If you have any questions please contact unlock@sopasystem.com Moneypak Email PAY STEP 3: Check your o-mail. In 24 hours wo will sond your Unlock code once payment is verified. Then enter your unlock code that you recelvod by email from us and click UNLOCK.We accept only Moneypak prepaid vouchers ) MoneyPak Your computer will roll back to the ordinary state Visit for information: htp:lwww.moneypak.com

In February 2013, a ransomware program surfaced online using a Stamp.EK exploit kit which tricked Internet users by promising nude photographs of celebrities. In September, the CryptoWall and CryptoLocker trojans began spreading in emails fraudulently claiming to be Australia Post delivery notices. On September 4th, 2015, Redditor puckpou submitted a post about ransomware to the /r/YouShouldKnow[2] subreddit, where it garnered upwards of 1,200 votes (90% upvoted) and 170 comments prior to being archived. On September 21st, the radio show and podcast Radiolab published an episode titled "Darkode," which featured a story about a Russian woman who paid off ransomware attackers using bitcoin. On January 26th, 2016, the anti-malware software company Malwarebytes introduced an anti-ransomware beta. In March, the KeRanger ransomware began infecting Mac computers through the Transmission BitTorrent client.[7]

Search Interest

External References

[1] Wikipedia – Ransomware

[2] Reddit – YSK about ransomware viruses!

[3] TorrentFreak – SOPA IS BACK! … AS A RANSOMWARE VIRUS

[4] NetworkWorld – Files for Ransom

[5] Wikipedia – Kaspersky Lab

[6] Radiolab – Darkode

[7] Reuters – Mac ransomware caught before large number of computers infected

Share Pin

Sub-entries 4 total

Wanadecrypt0r
WannaCry Ransomware Attack
Cover3
2021 U.S. East Coast Gas Shor...
Maxresdefault
2017 Peyta Ransomware Attack
Cryptolocker_program
CryptoLocker Ransomware Attack

Recent Images 3 total

View All Images

Recent Videos 1 total

View All Videos

Load 36 Comments
9
Ransomware

Ransomware

[View Related Sub-entries]

Updated Mar 08, 2016 at 03:12PM EST by Don.

Added Mar 08, 2016 at 02:58PM EST by Don.

PROTIP: Press 'i' to view the image gallery, 'v' to view the video gallery, or 'r' to view a random entry.

This submission is currently being researched & evaluated!

You can help confirm this entry by contributing facts, media, and other evidence of notability and mutation.

About

Ransomware is a type of malicious software that infects a computer and blocks access to the machine's system files, demanding a payment from the owner before the restriction is removed.

Origin

In 1989, London, England resident Dr. Joseph Popp authored a trojan horse virus known as the Aids Info Disk, which prevented users from accessing certain directories and encrypted the C: drive, demanding a payment to a post office in Panama to unlock the files. Popp was subsequently arrested by British authorities and charged with eleven counts of blackmail.


I N T R OD U CTION Welcome to the interactive computer program called AIDS Information. This program is designed to provide up-to-date information about you and the fatal disease AIDS (Acquired Immune Def iciency Syndrome). The health information provided to you by this program could save your life Here is how the program works: First, the computer wi11 ask you a series of questions about your personal background, behaviour and medical history. Then the program wll calculate your chances of being infected with the AIDS virus and inform you about your present degree of risk Then it will provide you with advice on what you can do to reduce your risk of future infection, based on the details of your own ifestyle and history. Finally, it wi11 give you the chance to ask questions or to make comments Press ENTER to continue or press ESCAPE for Menu Options

Spread

In September 2005, the tech news blog NetworkWorld[4] published an article describing ransomware as the "latest security worry." Several ransomware programs surface online over the next year, including the GPCode trojan horse virus which was circumvented by international software security group Kaspersky Lab.[5] Up until June 2008, several iterations of the malware resurfaced online. In 2010, 10 people were arrested in Russia that were implicated in creating the WinLock ransomware trojan. The following year, a malware program mimicking a Windows Product Activation notification began circulating online, which tricked victims into calling a number to collect international long distance charges. In 2012, the ransomware trojan Reveton, based on the Citadel trojan virus, began infecting a wide distribution of computers, displaying a false messaging informing the user they had been flagged for pirating software or downloading child pornography (shown below).


ASTRATHCLYDE POLICE METROPOLITAN POLICE Attention!!! The process of legal activity s detected. Accordng to UK law and Metropoltan Polce Service and Strathclyde Poice investigation your computer s locked material toward people were visited from this IP-address Moreover and e-mail spam was sent you're your computer, e-mails containing terroristic materials. This locking serves to stop your Begal activity. The following violation is detected: you IP-address Forbidden websites containing p----------, child p----------, Sodomy and called violence against children on, violent IP: Location: United Kingdom, Belton SP. BTnet UK Repional network Your details: To release a lock your computer you should pay the fine in amount of E 100. In the case of ignoring the payment, the program will remove illegal materials while keeping your personal information is not guaranteed. Ukashi Where can I buy Ukash? You could buy Ukash in many places, for example: shops, stalls, stand-alone terminals, on-line or through E-Wallet (electronic cash). Below you could find the list of point of sale Ukash in your country. You could pay the forfeit in two ways: Epay-you could buy Ukash in thousands of supermarkets or call-Shops which have this logo. 1) Paying through Ukash: Use the code received for this purpose. Enter it in the space for payment and d--- OK (If you have more than one code, enter them one after another and then click oK). Paypoint-Get Ukash wherever you see the Pafnt sgn. Payzone Ukash available from Payzone terminals around the UK (#you have more than one code, enter them one after another and then do In case the system informs about an error send the code to Inpay You can get a Ukash voucher in values from E10-E500 and pay · 2) Paying through Paysafecard: Use the code (and a password if needed) received for this purpose. Enter it in the space for payment and click OK (if you have more then one code, enter them one after another and then click OK). OK Epaysafecard In case the system informs about an error send the code to OK

On October 11th, the tech news site TorrentFreak[3] reported that a ransomware virus was circulating that falsely informed infected machines that they had been included in a Stop Online Piracy ACT black list (shown below).


Your computer is locked Stop Online Piracy Automatic Protection System Your identification number: 1643 Your IP address: If you see a warning.bxt or warning screen, it means your IP address was included in S.O.P.A. Black List. One or more of the following items were made from your PC: 1. Downloading or distrbuting audio or video files protected by Copyright Law 2. Downloading or distributing llegal content (child p---, phishing software, etc.) 3. Downloading or distributing Software protected by Copyright Law Q: How can I make sure that you can really decipher my files? A: You can send one ciphered fle on emal UNLOCK@SOPASYSTEMCOM (ndicate your lD and IP adcress in the message tite), in the response message you receive the deciphared fie. Q: Where can I purchase a MoneyPak? A: MoneyPak can be purchased at thousands of stores nationwide, including major retalers such as Wal-Mart, Walgreens CVS/pharmacy, Rite Aid, Kmart, Kroger and Meijer As a result of these infringements based on Slop Online Piracy Act (H.R. 3261) you PC and files are now blocked You can remove you IP from black list and unlock PC and files by paying a fine of 200 (USA and Canada) / 200EUR (via Western Union to other Countries) Q: How dol buy a MoneyPak at the store? A: Pick up a MoneyPak from the Prepaid Product Section or Green Dot display and take it to the register. The cashier wil collect your cash and loadit onto the MoneyPak Q: What if I don't have possibility to purchase prepaid voucher? STEP 1: Buy a moneypak prepaid voucher for the amount of $200 at the nearest store. A: You can send money in amount of 200EUR by WesternUnion as altsmative option. STEP 2: Enter your prepald voucher number and your email address in the fields below then dlick PAY and you will be prompted to enter the unlock code. OR Send an e-mail at UNLOCK@SOPASYSTEM.COM. Indicate your ID in the message title and provide moneypak prepaid woucher number. WARNINGIlE: If you don't pay the fine within 72 HOURS at the amount of 200.00 USD, all your computer data will be erased y have any questions please contact us If you have any questions please contact unlock@sopasystem.com Moneypak Email PAY STEP 3: Check your o-mail. In 24 hours wo will sond your Unlock code once payment is verified. Then enter your unlock code that you recelvod by email from us and click UNLOCK.We accept only Moneypak prepaid vouchers ) MoneyPak Your computer will roll back to the ordinary state Visit for information: htp:lwww.moneypak.com

In February 2013, a ransomware program surfaced online using a Stamp.EK exploit kit which tricked Internet users by promising nude photographs of celebrities. In September, the CryptoWall and CryptoLocker trojans began spreading in emails fraudulently claiming to be Australia Post delivery notices. On September 4th, 2015, Redditor puckpou submitted a post about ransomware to the /r/YouShouldKnow[2] subreddit, where it garnered upwards of 1,200 votes (90% upvoted) and 170 comments prior to being archived. On September 21st, the radio show and podcast Radiolab published an episode titled "Darkode," which featured a story about a Russian woman who paid off ransomware attackers using bitcoin. On January 26th, 2016, the anti-malware software company Malwarebytes introduced an anti-ransomware beta. In March, the KeRanger ransomware began infecting Mac computers through the Transmission BitTorrent client.[7]

Search Interest

External References

[1] Wikipedia – Ransomware

[2] Reddit – YSK about ransomware viruses!

[3] TorrentFreak – SOPA IS BACK! … AS A RANSOMWARE VIRUS

[4] NetworkWorld – Files for Ransom

[5] Wikipedia – Kaspersky Lab

[6] Radiolab – Darkode

[7] Reuters – Mac ransomware caught before large number of computers infected

Sub-entries 4 total

Recent Videos 1 total

     

Recent Images 3 total

 

Top Comments

TheLastMethBender
Delete
Sensitive
TheLastMethBender

I had something like this

The "virus" protection program that installed itself onto my computer started giving me a shit load of pop ups

Went online and found a product key for the thing

The stupid assholes didn't even have unique keys so I was able to get it off

+30
Reply
Slade Wilson
Delete
Sensitive
Slade Wilson

I remember having one of these, but the real kicker of it was that it made a fucking godawful and extremely loud sound of a pig squealing at random points for seemingly no reason at all, shit made me jump countless times before I ended up just wiping my computer.

Luckily, I was younger when that happened, so I didn't have anything important on there at the time. With that being said, I feel nothing but sympathy for the poor souls that happen to accidentally stumble upon this vile infection.

+27
Reply

+ Add a Comment

Comments (36)


Display Comments

Add a Comment


Suggest a Change   Edit History