Story 2016-04-11 1A2NN Ransomware that knows where you live

Ransomware that knows where you live

in security on (#1A2NN)
A widely distributed scam email that quotes people's actual postal addresses, links to a dangerous form of ransomware called Maktub. The phishing emails told recipients they owed hundreds to businesses and that they could print an invoice by clicking on a link - but that leads to malware. "It's incredibly fast and by the time the warning message had appeared on the screen it had already encrypted everything of value on the hard drive - it happens in seconds. This is the desktop version of a smash and grab - they want a quick payoff."

Maktub doesn't just demand a ransom, it increases the fee - which is to be paid in bitcoins - as time elapses. During the first three days, the fee stands at 1.4 bitcoins, or approximately $580. This rises to 1.9 bitcoins, or $790, after the third day.

It's still not clear how scammers were able to gather people's addresses and link them to names and emails. The data could have come from a number of leaked or stolen databases. For some individuals without backups, paying the ransom might be the only way to retrieve their data. "However, every person that does that makes the business more valuable for the criminal and the world worse for everyone."
Reply 6 comments

Not clear (Score: 0)

by Anonymous Coward on 2016-04-11 23:03 (#1A5HA)

Many businesses these days demand a home address, home phone and some record date of birth. Been to a hotel? When they take your licence to the back room they are photocopying it. You really believe that they need your id just in case there is a fire? What about online credit payments.. why do they need to collect date of birth, home address etc? Your privacy is like your virginity; once it is gone..

Some benefits (Score: 1)

by on 2016-04-13 03:18 (#1A5RN)

Hhis could be a GOOD THING. Spam exists because there are users stupid enough to click on the links to buy Viagra and whatnot. Similarly, there was little consequence for employees who fell for phishing e-mails and infected their who company network.

Now, being out $600 every time you do something so stupid, is sure to be a painful lesson for those who still haven't learned proper e-mail/internet security. That's right, ransomware could potentially END SPAM.

Re: Some benefits (Score: 0)

by Anonymous Coward on 2016-04-13 09:19 (#1AAY5)

"Stupidity cannot be cured with money, or through education, or by legislation. Stupidity is not a sin, the victim can't help being stupid. But stupidity is the only universal capital crime; the sentence is death, there is no appeal, and execution is carried out automatically and without pity."