'Breaking Bad' Crypto Ransomware Targets Australian Users

An anonymous reader writes: A new strain of the Trojan.Cryptolocker.S targeting Australia is using the branding of popular TV crime drama 'Breaking Bad' to theme its extortion demands. After encrypting all the files on the victim's computer, the ransomware presents a message that uses a logo and character quotes from the show, in addition to a YouTube video from the game Grand Theft Auto V, thought to be a tribute to Breaking Bad.

A new strain

[Psychotria]

The way these viruses are mutating, sharing RNA (code), and recombining to form new strains is ridiculous. My main concern is that my computer is in close contact with Windows, OSX and also Linux. Even if I was just dual booting Windows and Linux it would be bad enough. Dual booting with the obvious genetic soup it forms between the two different operating systems is a recipe for disaster. Such close contact between operating systems and a virus that mutates to form new strains, frankly, makes me quite uneasy. Because the operating systems run on the same underlying hardware, sharing the same genetics (opcodes) means that the likelihood of the virus crossing species (OS's) is pretty damn likely. We could seriously have an uncontrollable pandemic on our hands withing weeks unless the governments of the world (and their health organisations) proactively get together and tighten air traffic so that laptops and other computers come into contact. Without cooperation I fear that we face a pandemic that will make SARS look like a baby chicken (after it comes out of the egg all nice and fluffy).

these viruses are the end of computing

[slashmydots]

In a year, 99% of viruses are going to be crypto ransomware. It's a million times more effective than stealing bank account info or health records or credit card numbers or any of that junk that's basically valueless in 2015. If my CC gets stolen, you'd be lucky to use it in another state let alone another country. If you steal my bank account login, you better know all my security questions too once the bank sees an unfamiliar IP address and I'll get a phone call to verify a large EFT. But encrypt someone's files and they're likely to pay the ransom. I think the original ransomware virus got like $50 million+. The people behind these viruses will never be caught so until every government makes it illegal to pay these fines, people will keep doing it.

Re:these viruses are the end of computing

[njnnja]

It may be the end of local storage, but what does the average person need to have locally stored anyways? Purchased content can be more efficiently stored by the seller and streamed on demand. And for "irreplaceable" content like photos, I trust cloud providers to deal with grandma's pictures better than she ever could.

In the past, pipe size was the constraint that would lead people to store things locally but why shouldn't the average user leave all those headaches to someone else nowadays? More sophisticated users will continue to store things locally, but will also be better about off site backups and therefore less susceptible to this kind of ransomware anyways.

Re:these viruses are the end of computing

[o_ferguson]

Great, except most clouds store a mirrored copy of your local files, so when the crypto encodes them, your cloud will update and overwrite with the new, locked files.

Re:

[Chewbacon]

These ransomware viruses are getting more sophisticated. You can only combat that with a multifaceted strategy. I backup entire images to my media server. I also backup the irreplaceable stuff to a separate folder which my media server backs up to Amazon S3 via S3FS (shell scripts!). Finally, I have an external drive which I plug in and backup to once a week. It's cold storage which the ransomware can't get to unless I fail to realize I've been compromised when I plug it in.

Re:

[Cro Magnon]

This is why we should all support the republican crusade to outlaw encryption technology!

The saying "If you outlaw encryption, only outlaws will have encryption" couldn't possibly be more appropriate.

Re:

[narcc]

It means to speak or act without restraint: "Man, I really broke bad last night ... woke up in jail"

Re:

[neminem]

Stupidly easy google search, "break bad" (because obviously "breaking bad" will just get you hits for the show): http://en.wiktionary.org/wiki/... [wiktionary.org]

I didn't know that either - I always assumed it was a made-up phrase for the show that just sounded cool, but apparently it's a midwestern phrase meaning, appropriately, "to turn to a life of crime". Of course, now if you say someone's breaking bad, anyone, or at least anyone outside that geographic region, will just assume it means they're cooking meth. I've hear

"SAY MY NAME!!!"

[kimgkimg]

I'll bet "heisenberg" is the unlocking password.

Re:

[hcs_$reboot]

Well, considering how the show ends, I guess the password would be his son's name...

Re:

[qIroS]

I'm not so certain

What OS?

[hcs_$reboot]

What OSes are affected? And why it's not part of TF[AS]?

Re:

[hcs_$reboot]

BS

Re:

[canajin56]

From the TFA (or rather from the link at the top of TFA): Systems Affected: Windows 2000, Windows 7, Windows NT, Windows Vista, Windows XP.

Re:

[Teun]

After we had an incident with ransomeware and had to quarantine a particular office I asked our IT chief why he didn't use policies to uncheck that stupid Microsoft setting 'hide known extensions'.
After a couple of days he answered that showing extensions would only confuse people.
Scary.

Ransomware targets Australian users?

[nickweller]

I thought malware could only target a specific Operating System, in this case Microsoft Windows XP/Windows NT/Vista/ Windows 2000/Windows 7 ..

Re:

[Teun]

Indeed, as usual the press thinks everyone in *.* runs Windows.
And next they update the virus definitions on their iShiny.