- Jan 24, 2011
- 9,378
Brazen desktop locker campaign uses social media info to make its threat more compelling to victims.
A newly discovered form of ransomware scrapes the social media accounts and local files of victims in order to tailor a customised demand, and threatens court action if it isn't paid.
Dubbed 'Ransoc' by cybersecurity researchers at Proofpoint due to its connection with social media including Facebook, LinkedIn, and Skype, this ransomware represents yet another evolution of the malicious software which has boomed during 2016.
It isn't the first ransomware variant to use social engineering in an attempt to scare the victim into paying up, but Ransoc is unique in how it attempts to turn the users' files against them -- especially if illegally downloaded files are on the system.
Perhaps because it focuses on exploiting this fear, Ransoc doesn't encrypt the victims' files in the same way as ransomware like Locky does, but rather makes its demands via the desktop or browser after infecting the system through malvertising traffic aimed at Internet Explorer on Windows and Safari on OS X.
It might appear basic or dated compared to more sophisticated forms of ransomware -- desktop locking malware saw its heyday between 2012 and 2014 -- but Ransoc is built to search the victim's hard drive and social media accounts for data to use in its scheme. That data will then be used to tailor a ransom note featuring images from their Facebook and LinkedIn accounts disguised as a threat of legal action against the victim
Read more: This ransomware uses your social media profiles to personalise its demands | ZDNet
A newly discovered form of ransomware scrapes the social media accounts and local files of victims in order to tailor a customised demand, and threatens court action if it isn't paid.
Dubbed 'Ransoc' by cybersecurity researchers at Proofpoint due to its connection with social media including Facebook, LinkedIn, and Skype, this ransomware represents yet another evolution of the malicious software which has boomed during 2016.
It isn't the first ransomware variant to use social engineering in an attempt to scare the victim into paying up, but Ransoc is unique in how it attempts to turn the users' files against them -- especially if illegally downloaded files are on the system.
Perhaps because it focuses on exploiting this fear, Ransoc doesn't encrypt the victims' files in the same way as ransomware like Locky does, but rather makes its demands via the desktop or browser after infecting the system through malvertising traffic aimed at Internet Explorer on Windows and Safari on OS X.
It might appear basic or dated compared to more sophisticated forms of ransomware -- desktop locking malware saw its heyday between 2012 and 2014 -- but Ransoc is built to search the victim's hard drive and social media accounts for data to use in its scheme. That data will then be used to tailor a ransom note featuring images from their Facebook and LinkedIn accounts disguised as a threat of legal action against the victim
Read more: This ransomware uses your social media profiles to personalise its demands | ZDNet
