Forgot your password?
typodupeerror
Security The Internet Technology

US Warns Users of Child-Porn Blackmail Ransomware 196

Posted by timothy
from the nefarious-evildoers dept.
coondoggie writes "The nasty Trojan known as Citadel malware, which is based on Zeus, has typically been used to extort money from online banking users, but a new variant is making the rounds that tries to get your money by saying you looked at child porn sites and must pay a violation fee to the U.S. Department of Justice. This variation, called Reveton, lures the victim to a drive-by download website, at which time the ransomware is installed on the user's computer, says the U.S. Internet Crime Complaint Center (IC3). Once installed, the computer freezes and a screen is displayed warning the user they have violated United States Federal Law."
This discussion has been archived. No new comments can be posted.

US Warns Users of Child-Porn Blackmail Ransomware

Comments Filter:
  • by MrQuacker (1938262) on Sunday June 03, 2012 @03:56AM (#40199453)

    Its not like you can call the police and complain about it. You'll instantly get labeled as a pedo and have your kids taken away.

    • by Anrego (830717) *

      I imagine most people would also be hesitant to take it into a repair shop with that message displayed on the screen even if they recognize it as a scam.

      • by AHuxley (892839)
        Yes that repair shop would have a nice ongoing relationship going back many years
        "FBI asks computer shops to help fight cybercrime"
        http://the.honoluluadvertiser.com/article/2004/Feb/05/ln/ln01a.html [honoluluadvertiser.com]
    • by Joce640k (829181) on Sunday June 03, 2012 @05:19AM (#40199763) Homepage

      This is why "possession" of something shouldn't be a crime. Anything can be planted in your house/PC/car/whatever without your knowledge.

      A country which allows a computer virus to ruin your life and make you forever unemployable has some serious problems with its laws.

      PS: I cleaned up a machine with this three or four months ago here in Spain.

      • by Anonymous Coward on Sunday June 03, 2012 @06:00AM (#40199857)

        "PS: I cleaned up a machine with this three or four months ago here in Spain."

        With MyCleanPC no doubt.

      • This has nothing to do with "possession" or even crime in and of itself.

        This has to do with the hysterical overreaction of the general public towards anything which is so much as suspected as being involved with or related to child pornography. Victims of this ransom-ware may well pay in fear of being ripped to pieces by an angry mob, and their fears would not be all that far fetched at this point. At the very least, they stand a good chance of having their entire life ruined should even a hint of suspicion fall on them.

        Child pornography, like all hysterias, has become an excuse for a segments of the public to indulge in chaos, anarchy and criminal behaviour in their reaction to it. Even a pointed finger can now be a life or death sentence for innocent people. This is why it was important not to let the rule of law slide on this or any other issue.

        But no. People wanted to indulge their outrage. I suppose democracies get what they deserve.

        • I've got to agree with this. People looking at pedophilia look always at the pedophiles as a completely EVIL group. They never examine the actual implications, damage, or related issues. They have laser focus that these people are evil and don't want to know, discuss or think about it anymore.
    • by Opportunist (166417) on Sunday June 03, 2012 @07:56AM (#40200211)

      And that's the part that scares me more than that ransomware by itself. Because it can only mean one of two things:

      1. That there ARE actually that many people looking at CP and they feel guilty and don't get help for that reason.

      2. The CP witch hunt has crossed the line where people don't even dare to get help if accused wrongly because the allegation alone already puts you on some stupid list.

    • by flyneye (84093)

      But wouldn't it be wonderful, instead of all the blunder butt crap the government does do to the U.S. people, why don't they do their secret snooping to find black hats responsible and let the C.I.A. peel all their skin off. I don't think you could get a rights organization to shed a tear, if they've ever fallen prey to a trojan or lost something to a virus.
      The time for tolerating "black" hats as useful to computer security was sooooo over years ago. Now is the tim

    • Yeah you have to admire the unadulterated evil brass balls on these lads. Its a nice mix of social engineering and tech. If they put half as much effort into legitimate business imagine how much money they'd have made.

      • If they put half as much effort into legitimate business imagine how much money they'd have made.

        Contraband is much more profitable... and tax free. Crime does pay... very well.

    • The operators of this extortion system should be on the "Public Enemy #1" list. Not only are they an organized syndicate extorting from Americans, on a very large and nationwide scale. They are impersonating Federal officers to do it. Protecting the ability of Americans to respect someone who claims to be a cop, especially a Federal one, is among the highest priorities of the Justice Department. Or at least it should be.

      The failure of the FBI and the other cop agencies we give $BILLIONS to every year, who have vast and even un-Constitutional powers to do whatever they want in the name of protecting us, to do what's necessary to stop these giant phishing operations is baffling mystery. Why banks are allowed to let their trademarked brands get diluted by phishers robbing in their name, resulting in large and widespread losses contrary to the very essence of trademark and copyright, is a mystery. But the failure of the cops to protect themselves is even more bizarre.

    • Why would you be labeled as a pedo? Are the police somehow going to lend credibility to some random piece of scumware?

    • by bitt3n (941736)

      and have your kids taken away.

      at least that's some consolation

  • Stupidity (Score:2, Insightful)

    by Anonymous Coward

    A "violation fee" to the "Department of Justice" for a felony without conviction.

    What kind of idiot is going to--- never mind.

    • A "violation fee" to the "Department of Justice" for a felony without conviction.

      What kind of idiot is going to--- never mind.

      I know, right? How ridiculous. It's like people think the President is putting people on some sort of "kill list" and sending drones after them. oh... wait.

      • by swalve (1980968)
        I know, right? They should do it the right way, and publish decks of playing cards with the targets fancifully depicted as jokers.
        • I know, right? They should do it the right way, and publish decks of playing cards with the targets fancifully depicted as jokers.

          Nah, that would imply a desire to capture and try them. Better to just keep the list secret and just share it with the drone pilots. Cheaper, too - it's not like there's a reward, just kill them. Also makes it easier as we moving from "Americans we think are terrorists" on the list now to "Americans that are political enemies". No need for they drone pilots to know WHY anyone is targeted for death.

  • by Anonymous Coward on Sunday June 03, 2012 @04:03AM (#40199483)

    I'm pretty sure with all the "DINK OF TEH CHILLUNS!" bullshit that goes on that we burn anyone that looks at child porn at the stake, no one will believe they can get away with it for just a fine.

    • The problem is the laws define a pedo with just having the material.

      For example, if I uploaded kiddie porn to your computer you are a criminal for having it. Sure the penalty is much less than being a kiddie porn manufacturer which is someone who sends it but you are not guilty.

      Worse, try to get a job again? Your future is ruined forever, because of an asshat and many will pay to make the problem go away! This is truly evil in the nth degree whether you feel this current laws are silly are not.

      No respectabl

      • by MacGyver2210 (1053110) on Sunday June 03, 2012 @04:27AM (#40199569)

        There was recently (in the last few months, I believe) an article about intent in child porn cases. I think it was even on /. It said that simply possessing the child porn wasn't enough, there had to be proof that the person had intentionally viewed it.

        found it. http://tech.slashdot.org/story/12/05/10/138205/ny-ruling-distinguishes-downloading-viewing-child-pornography [slashdot.org]

        Is that only in New York, or has it set some sort of precedent or how does that work? I'm not fluent in legalese.

        • by Amouth (879122) on Sunday June 03, 2012 @04:37AM (#40199607)

          but even if it is only in that area - you have to prove you didn't do it, and even if you can do that you have to do it n court, even if you come away "free" then it is still there that you where once prosecuted for it, and you have to live/survive that process which will more than likely ruin your life as you know it.

        • by SuricouRaven (1897204) on Sunday June 03, 2012 @04:56AM (#40199665)
          Not for very long, though. If you follow the media, espicially the more conservative media, there is a fair bit of public outrage at the ruling - lots of headlines along the lines of 'New York legalises child pornography!'. So much that within less than a day of the ruling, the legislature was already in the process of passing a bill to reverse it. It will, without a shadow of a doubt, sail through unchallenged.
          http://www.deseretnews.com/article/765576135/New-York-bill-quickly-follows-court-ruling-on-child-porn.html [deseretnews.com]
          • by Nimey (114278)

            Now if only this trojan could be targeted at certain prominent conservatives... say Limbaugh, Murdoch, et al. When it came out they'd gotten this on their computers, bet you the conservative media drumbeat changes.

            • by rrohbeck (944847)

              It shouldn't be too hard to scan through the files on their machine and do some simple word statistics on things that they wrote. I have a feeling that you can find the political persuasion of the author with good accuracy.

      • by rally2xs (1093023)

        Pay? Not much more than the price of a brand new hard drive,which last time I looked was about $90. Bury the old dribe somewhere unretrievable, install the new drive, and you either baccked up your data or you didn't. No worse than a hardware meltdown...

        • by Chrisq (894406) on Sunday June 03, 2012 @05:09AM (#40199733)

          Bury the old dribe somewhere unretrievable

          I guess "old dribe" must be the guy sending out these blackmail notices then.

        • by jimicus (737525)

          Not much more than the price of a brand new hard drive,which last time I looked was about $90. Bury the old dribe somewhere unretrievable, install the new drive, and you either baccked up your data or you didn't. No worse than a hardware meltdown...

          Considering how damn awkward some malware is to remove, this is probably not a bad solution for a lot of infestations. It's certainly quicker than a scan with a live CD followed by booting in safe mode, running every virus scanner you can think of, digging through HijackThis logs and still finding there's traces on there - and for a lot of people, time is money.

        • by F.Ultra (1673484)
          Yes, but we are talking about people that are not computer savvy. To them the whole computer is the hard drive. And since they also think that computers are magic, they probably believe that the message will reappaer on the new hard drive the instant it's installed.
    • Obviously you must be a pedophile, anti-American, neo-Nazi, terrorist [did I miss any?]. How dare you mock "think of the children".

      Everyone, for the sake of our children, please help root out this vile anonymous coward. We must not allow questioning of anything done for the children. /sarcasm

      • by rrohbeck (944847)

        "I think of children all the time," said the pedophile.
        Corollary: Anybody who thinks of children might be a pedophile.

    • My hope is just that this trojan infects the same bunch of people that kept cheering on when some BS laws got proposed and passed.

      I cannot wait for the first politician infected with it. Please let me be the one who gets to analyze the computer, please... it will be the first NDA I violate.

  • by harvey the nerd (582806) on Sunday June 03, 2012 @04:28AM (#40199573)
    Sounds like a job for a bootable Linux lite thumb drive with trojan hunting files.
  • It's worldwide (Score:5, Informative)

    by jimicus (737525) on Sunday June 03, 2012 @05:29AM (#40199783)

    I've seen a version that's been localised to the UK; apparently there are also versions localised to Canada. I haven't analysed it but it wouldn't surprise me if it's all the same trojan and it uses geolocation to display an appropriate logo.

    Brilliant scam because even if the user knows it's a load of rubbish, nobody wants to be even remotely associated with paedophilia. You'd have to be a bit of an idiot to think you could make such an accusation go away by paying a small fine - or for that matter to believe that the police's MO in these cases is to put a great big warning on your screen (rather than to arrest you at dawn and take all your computers away), but I suspect there are probably enough idiots in this world to make it profitable.

    • Re:It's worldwide (Score:5, Informative)

      by deroby (568773) <deroby@yucom.be> on Sunday June 03, 2012 @06:31AM (#40199943)

      My dad's PC had this, although apparently the creators didn't do their homework very well. Belgium having 2 (main) languages the scareware used the wrong language for this part of the country so he hardly understood what needed doing (not everybody speaks both languages). Off course the police logo etc made it look kind of daunting and -although it started up ridiculously slow- once it took over the pc became completely unusable.

      It was rather easy to get rid of (safe mode, regedit, hijack-this and then a full scan with Security Essentials -which seemingly had missed it originally!)

      The part I don't get is : how do the scammers get to their money (assuming some people are silly enough to pay) without the possibility of being traced back ?
      => shouldn't there be ridiculously easy traces to follow via paysafecard.com ??
      => worst case it should be easy enough to have these -at least!- blocked

      • Re:It's worldwide (Score:4, Informative)

        by Dunbal (464142) * on Sunday June 03, 2012 @07:20AM (#40200105)

        how do the scammers get to their money (assuming some people are silly enough to pay) without the possibility of being traced back ?

        Usually they use different 3rd parties, don't tell them where the money is comig from or where it's going, and have them take the fall if they get caught.

    • by zyzko (6739)

      Yes, and in Finnish among other languages, F-Secure has identified [f-secure.com] a lot of localized versions. Although that malware is not that well sophisticated as zeus (instructions to get away from it are quite simple and included in the blog article) the method is the same - display the logo of a local law enforcement agency (police, internal police...) and demand (an anonymous) payment because they have found cp on your machine.

      Easy money because it is a big accusation (even stronger than copyright infringement - w

  • it's not really targeted at child pornography. I've moved the German version from a couple of PC's (BundesPolizei it said) a couple of months ago, and it said something 'pornographic material has been found on your computer etc...'. So child pornography was just part of the options. Anyway, it's exactly the same type of scam as those fake anti-virus trojans that try you to lure into buying their 'software'. It's not really looking for pornography on your computer, it's just giving that message to everyone a
  • make one of these that informs people to instruct government on what and where the taxes they pay are to be spent.

    • by Jeremi (14640)

      make one of these that informs people to instruct government on what and where the taxes they pay are to be spent.

      How would that be different from the status quo?

      Everyone already "instructs their government" that taxes spent on things that primarily benefit them (or their community) is "vital and necessary investment", and anything that primarily benefits other people is "wasteful government spending".

      I doubt malware is going to give anyone a broader perspective.

  • US Warning of Child-Porn Blackmail Ransomware Remains Unheeded

    US Gov. to proceed with CISPA anyway.

  • by PopeRatzo (965947) on Sunday June 03, 2012 @08:55AM (#40200421) Homepage Journal

    Who couldn't see this coming? First, you make "looking at child porn" the worstest crime imaginable, like genocide against against a million nuns, worst than murder, worst than cannibalism, worst than, I don't know, eating fatty food, and then you...PROFIT!

    Anybody want to bet that in the next few years (or less) we'll be hearing about some major politician who has (cue the somber, scary music...) looked at drawings of naked children.

    "Is he right for America? We don't think so. Paid for by Americans for Families and Stopping Immoral Behavior among People Who are Different From Us."

    • by rrohbeck (944847)

      What we need next is a version than downloads some Al Qaeda manuals to your drive. Pay a ransom or you'll be locked away without trial.

  • let's say the Kelly Middle School gets hit by this what will happen then??

  • Can I pay the ransom in bitcoin?
  • This trojan just provided everyone ever accused of possessing kiddie porn with reasonable doubt.
  • by RobertLTux (260313) <robert&laurencemartin,org> on Sunday June 03, 2012 @04:03PM (#40203121)

    1 make it a lot easier for folks to get hands on Self Booting Fix discs (hint Norton/Mcafee/ect should include this in their products)

    2 redefine CP laws so that CP is defined in a strict narrow way:
    as a rough example:
    A Does it depict a Sex Act with a Minor?? (wiggle for models with actual ages not in line with appearance needs to be written in)
    or
    B Is the Model NUDE (or only clothed in something Trival) AND is it devoid of Artistic Diagnostic or Documentary Value
    or
    C Does it depict any other crime

    Then the Pic/Vid/media IS NOT CHILD PORN.

    the problem is BURN THE WITCH!! is never Justice so we need sanity in the laws.

When you don't know what to do, walk fast and look worried.

Working...