A ransomware scam has been discovered that tricks victims into believing they have been caught with child exploitation material by the NSA's PRISM program.
The scam functioned similarly to other ransomware attacks in that it was hosted on compromised or malicious web sites or ad networks and locked down victim machines displaying a message that demanded payment of a ransom.
Victims of the ransomware are told that were under investigation for "illegal content downloading and distribution," specifically child pornography.
Researcher Kafeine studied the threat and said its purveyors were likely responsible for the Kovter ransomware which spread earlier this year.
The crooks' command-and-control server was based in Russia, Kafeine said.
_(37).jpg&h=140&w=231&c=1&s=0)
_(33).jpg&h=140&w=231&c=1&s=0)
_(36).jpg&h=140&w=231&c=1&s=0)
Cyber Resilience Summit
iTnews Executive Retreat - Security Leaders Edition
Huntress + Eftsure Virtual Event -Fighting A New Frontier of Cyber-Fraud: How Leaders Can Work Together
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
_(1).jpg&h=140&w=231&c=1&s=0)
