Tonight I stumbled upon some browser-based ransonmware, that pretends to be a message from the police. This is neither very advanced (it isn’t anything like Cryptolocker), nor is it very new. It doesn’t install any malware on your machine (though this trick has been used by actual malware, such as ‘Urausy’). All it does is tell you that “your browser has been blocked up for safety reasons”, and that to prevent going to jail for anything between 5 and 11 years (for watching something very illegal), you need to pay a fine. Because of course, that is how the legal system works.
I’ll do a more detailed write-up about this later. I thought it was interesting that it was spreading via
Twitter and used some subdomains to domains hosted at a UK-based registrar, whose customers probably had their DNS hacked.
One thing that is typical for this kind of scam is that based on where you access the website from, you get the message in the local language and the logo of the national police force. They typically include a photo of the head of state as well. Because that makes it a lot more real.
And since this isn’t a very advanced scam, I could grab the various logos that are used. I had seen most of these before, but I don’t know if they had ever been shown on a single site. Now they have. (Actually, just before posting I noticed these are the same images used by Urausy last summer;
Kafeine has all those images. Oh well.)
Austria
Australia
Belgium
Bolivia
Canada
Cyprus
Czech Republic
Germany
Ecuador
Finland
France
Greece
Hungary
Ireland
Italy
Latvia
Mexico
Netherlands
New Zealand
Norway
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden
Switzerland
Turkey
United Kingdom
United States
