Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Encryption Security Communications Education Privacy The Internet

Koolova Ransomware Decrypts For Free If You Read Two Articles About Ransomware (bleepingcomputer.com) 80

An anonymous reader quotes a report from BleepingComputer: We have a new in-development variant of the Koolova Ransomware that will decrypt your files for free if you educate yourself about ransomware by reading two articles. Discovered by security researcher Michael Gillespie, this in-development ransomware is not ready for prime time. In fact, I had to mess with it a bit and setup a local http server to even get it to display the ransom screen. In its functional state, Koolova will encrypt a victim's files and then display a screen similar to the Jigsaw Ransomware where the text is slowly shown on the screen. This text will tell the victim that they must read two articles before they can get a decryption key. It then tells you that if you are too lazy to read two articles before the countdown gets to zero, like Jigsaw, it will delete the encrypted files. This is not an idle threat as it actually does delete the files. The articles that Koolova wants you to read are an article from Google Security Blog called Stay safe while browsing and BleepingComputer's very own Jigsaw Ransomware Decrypted: Will delete your files until you pay the Ransom article. Once you read both articles, the Decripta i Miei File, or Decrypt My Files, button becomes available. Once you click on this button, Koolova will connect to the Command and Control server and retrieve the victim's decryption key. It will then display it in a message box labeled "Nice Jigsaw," in reference to the Jigsaw Ransomware, that displays your decryption key. A victim will then be able to take that key and enter it into the key field in order to decrypt files.
This discussion has been archived. No new comments can be posted.

Koolova Ransomware Decrypts For Free If You Read Two Articles About Ransomware

Comments Filter:
  • by SeaFox ( 739806 ) on Tuesday January 03, 2017 @06:23PM (#53601141)

    How does it know if you really read the articles?

  • Comment removed (Score:5, Interesting)

    by account_deleted ( 4530225 ) on Tuesday January 03, 2017 @06:30PM (#53601205)
    Comment removed based on user account deletion
    • but there is never an ethically appropriate way to damage or steal information that isn't yours on equipment that isn't yours

      It's never legal to do something like this, but ethical? Absolutely. Different people have different ethics, you shouldn't push yours on other people.

      The world needs more education opportunities like this, where they can have a chance to change without actually getting hurt.

      • by Roger W Moore ( 538166 ) on Tuesday January 03, 2017 @07:52PM (#53601581) Journal

        It's never legal to do something like this, but ethical? Absolutely. Different people have different ethics, you shouldn't push yours on other people.

        The author of this ransomware is doing exactly that though: forcing others to accept his ethics. So using your own definition of ethical behaviour this is still unethical. Arguing that this is an ethical way to motivate learning is the same as arguing that spreading curable STDs is an ethical way to educate people into having safe sex.

      • That sounds like pure ethical relativism, which isn't sound. If someone thinks it ethical, nay a duty, to exterminate all the left handed, it is OK to push my opinion on him. There may be hard problems and the answers may depend on details, including social circumstances, but there is a difference between right and wrong.

        • This is not a case of "eliminate all left-handed." You might argue that some ethical systems are not sound, and maybe you would be right, but the crux of this issue (which you seemed to miss in your generalized rant), is that I disagree with his idea of 'ethical.'
      • It's never legal to do something like this, but ethical? Absolutely. Different people have different ethics, you shouldn't push yours on other people.

        I'm interested in hear more about Absolute Ethics.

      • Different people have different ethics, you shouldn't push yours on other people.

        You're confusing ethics, which are based on principles and are not relative, with morality, which is relative and malleable.

        Look at it this way: slavery has never been and never will be ethical but it is, at some times in some places, moral.

        • Different people have different ethics, you shouldn't push yours on other people.

          You're confusing ethics, which are based on principles and are not relative, with morality, which is relative and malleable.

          Look at it this way: slavery has never been and never will be ethical but it is, at some times in some places, moral.

          Note: Slavery was advocated by humanitarians, in ancient times, as a way to avoid the slaughter of capured enemy soldiers.

        • The 'principles' which you choose to base your ethics on are entirely subjective.
          • Subjective? No, not really.

            The basic ethical principle is to not interfere with another's well-being. The definition of well-being may appear changeable but it should be the subject's definition and standard of well-being, not your own.

            From the single principle, which we may restate as "treat others the way they want to be treated," we can derive prohibitions against murder and assault; lying, and from that cheating; theft, and from that malicious vandalism (depriving property from another, even if you do

            • The basic ethical principle is to not interfere with another's well-being.

              That's your suggested ethical code. It's not everyone's. Is it ethical to pirate music? To violate copyright?

    • by hawk ( 1151 )

      Many years ago there was a proposal for the "Tux Virus."

      The notion was that it would download a linux distribution with FVWM95 as the window manager, use Wine for the windows binaries, and probably include OpenOffice.

      Some even deluded themselves that it would take the victim a while to notice.

      Fortunately, those that had the actual ability to do this (that is, to come as close as possible; it's not like Wine was up to running random binaries) had better things to do, or had been taught better by their moth

      • I'd never heard of this. It's a fun thing to think about, but of course unethical and also a bad idea for obvious PR reasons ("LINUX IS A VIRUS!") to actually do.

        Many people wouldn't notice possibly ever, at least until someone technically literate looked at it and told them what had happened. Why would they? They'd just think it was a normal Windows update that included some UI changes.

        Now, if the virus's autoconfig was poorly written and gave them a broken setup, they'd certainly notice something was b

  • by AndyKron ( 937105 ) on Tuesday January 03, 2017 @06:30PM (#53601207)
    That's it. I'm making my own Internet, and nobody else can be on it.
  • by speedplane ( 552872 ) on Tuesday January 03, 2017 @06:51PM (#53601331) Homepage
    This is a fun example, but it suggests that ransomware can be used to induce people to do much more than paying a fee. On the more benign side, you could easily see some ransomware require you to click on a dozen or so affiliate links. More troubling, in another iteration the ransomware would only decrypt your files if you order products using a stolen credit card that is provided to you, or if you transfer some child porn from server A to B. Sounds like it could be out of a Black Mirror episode.
    • We've already seen ransomware that either allows a victim to pay, or to infect at least two other paying victims [computerworld.com], using a customized version of the malware for tracking purposes.

    • by gnick ( 1211984 )

      This is a fun example, but it suggests that ransomware can be used to induce people to do much more than paying a fee.

      You and I have radically different definitions of "fun." This "fun example" will encrypt and then delete your data if you don't follow its demands. I don't care if the only demand is filling in a captcha, it's not acceptable to threaten consequences for failing to comply.

      Personally, I can think of a few knee-jerk reactions that I might have to discovering this. None would be to just click on the links unless I knew ahead of time that it would work. My response would certainly not be blindly following direct

      • Personally, I can think of a few knee-jerk reactions that I might have to discovering this. None would be to just click on the links unless I knew ahead of time that it would work. My response would certainly not be blindly following directions given to me by ransomware - In this case to my own detriment.

        "I don't negotiate with terrorists", says the person who has never been held hostage.

  • In a strange coincidence of "one thing happening after two other things happen", the "please stop breaking my knees" button becomes available after the ransomware's author has had both of his knees broken.

  • What an idiot (Score:5, Insightful)

    by Misagon ( 1135 ) on Tuesday January 03, 2017 @07:02PM (#53601387)

    There is no doubt that this is both unethical and illegal in most jurisdictions.

    It also won't work. Regular computer users are not knowledgeable. Even experienced users, even people with college degrees in computer security will err. People will mistake the dialogue box for an ad, people will think that it will go away with a reboot, etc. That users err is a natural law, the first thing they teach you in User Interfaces 101.

    It won't be fool-proof. Even perfect software has bugs. The Internet has outages. People don't always unfiltered Internet access: people travel with their computers, people use their company's computers behind high corporate firewalls etc.

    It will be dangerous. People will get their files deleted, and then they will get angry.
    Even if the author's actions may be legal within the jurisdiction in which he lives (which is doubtful)... he will have made himself a target.
    Delete the files of the wrong person, and he might end up with a busted skull with his blood on the pavement.

    • Re:What an idiot (Score:5, Insightful)

      by Ungrounded Lightning ( 62228 ) on Tuesday January 03, 2017 @08:01PM (#53601623) Journal

      It will be dangerous. People will get their files deleted, and then they will get angry.
      Even if the author's actions may be legal within the jurisdiction in which he lives (which is doubtful)... he will have made himself a target.
      Delete the files of the wrong person, and he might end up with a busted skull with his blood on the pavement.

      Delete (or even delay access to) the wrong file and he might just kill somebody, too.

      Even if he really wants his victims to read the ransomware rants, putting a time limit on this and deleting the files if the time limit is not met is stupid. Just leaving them encrypted and inaccessible until they've put in their time-as-a-slave to do his bidding leaves the incentive in place. Deleting the files after a time limit causes additional gratuitous harm.

      • by Anonymous Coward

        Many businesses (especially SMB's) don't consider themself a realistic target for ransomware. It is these same types who assume recommendations of educating users on the dangers of ransomware and its methods of delivery, having appropriate policies in place to mitigate prevention, having backups (not "I sometimes backup my two decades old payroll software to a thumbdrive but sometimes I forget to put it in the coffee mug after") or even having a god damn anti-virus that isn't appended with "Free" are just b

    • That users err is a natural law, the first thing they teach you in User Interfaces 101.

      Perhaps it should appear a bit later in the course. They seem to forget by session 102.

      At the same time it might be worth explaining that now resolutions have improved beyond 640x480, expecting users to be able to click on a window border 1 pixel wide is unrealistic. - Or are GUI developers stuck with 640x480 resolution for some reason I don't understand?

    • What an idiot he is by making light of the issue of Ransomware by getting into the news without even releasing a product. We should set his balls on fire.

  • Fuck it (Score:4, Funny)

    by OrangeTide ( 124937 ) on Tuesday January 03, 2017 @08:50PM (#53601847) Homepage Journal

    Just delete my files, I'm not going to sit down and let a computer lecture me.

  • Either they will finally educate themselves about computer security. Or their e-mails and stuff will get erased, which is probably for the best given how embarrassing it is whenever we get a look at it.

  • If you're going to "educate" people like this, you could at least use a weaker encryption for when your command and control goes offline people have a way to break it.
  • While this is unethical and dangerous to release to the wild, it is somewhat comical in that it encourages user to educate themselves on safe browsing practices.

    It won't work, people will still lose files, and they will get angry, but it does bring up a good point...How do we educate the general public on safe browsing?
    The average user won't go out and educate themselves. They might pick up a little if they get burned, but that's unlikely. This method forces them to stare at a screen and "read" the article,

news: gotcha

Working...