Security Researcher Tricks Tech Support Scammer Into Installing Locky Ransomware

Jack

Ivan Kwiatkowski, a security researcher living in France, has turned the tables on a tech support scammer and fooled him into installing a copy of the Locky ransomware on his own PC.

Kwiatkowski's encounter with a tech support crew came after his parents had navigated to a dodgy website that tried to trick them into thinking they were infected with the Zeus banking trojan.

"This horrible HTML aggregate had it all: audio message with autoplay, endless JavaScript alerts, a blue background with cryptic file names throwing us back to Windows' BSoD days, and yet somehow it displayed a random IP address instead of the visitor's one," wrote the researcher on his site.

Just give tech support scammers "test" credit card numbers
While it was easy to fix his parents' browser, the researcher went home and decided to have a little fun with the tech support crew. He fired up a virtual machine, accessed the site, and then called the phone number included on the tech support website.

The researcher had three different calls with two operators at a call center in India, which didn't go that well, mainly because the researcher spoke French while the operators not so much.

During his last call, after he agreed to the scammer's request to buy a tech support package, he started giving the crook fake but valid credit card numbers, just to have fun at his expense.

Read more: Security Researcher Tricks Tech Support Scammer Into Installing Locky Ransomware
 

DardiM

The website and HTML used for this scam are level 0.5 in programming knowledge :confused:
I think the people that you contact by phone aren't the same as the ones who made it.
These last are supposed to receive calls from people more stupid than them :)
=> Their job is easy: following steps to get payment from their target.
If the "target" wants to "play" with them, they are not especially "prepared" :p
 