Categories
Security

Browser-based ransomware

Tonight I stumbled upon some browser-based ransonmware, that pretends to be a message from the police. This is neither very advanced (it isn’t anything like Cryptolocker), nor is it very new. It doesn’t install any malware on your machine (though this trick has been used by actual malware, such as ‘Urausy’). All it does is tell you that “your browser has been blocked up for safety reasons”, and that to prevent going to jail for anything between 5 and 11 years (for watching something very illegal), you need to pay a fine. Because of course, that is how the legal system works.

policeransomware

I’ll do a more detailed write-up about this later. I thought it was interesting that it was spreading via Twitter and used some subdomains to domains hosted at a UK-based registrar, whose customers probably had their DNS hacked.
One thing that is typical for this kind of scam is that based on where you access the website from, you get the message in the local language and the logo of the national police force. They typically include a photo of the head of state as well. Because that makes it a lot more real.
And since this isn’t a very advanced scam, I could grab the various logos that are used. I had seen most of these before, but I don’t know if they had ever been shown on a single site. Now they have. (Actually, just before posting I noticed these are the same images used by Urausy last summer; Kafeine has all those images. Oh well.)
Austria
AT

Australia
AU

Belgium
BE

Bolivia
BO

Canada
CA

Cyprus
CY

Czech Republic
CZ

Germany
DE

Ecuador
EC

Finland
FI

France
FR

Greece
GR

Hungary
HU

Ireland
IE

Italy
IT

Latvia
LV

Mexico
MX

Netherlands
NL

New Zealand
NZ

Norway
NO

Poland
PL

Portugal
PT

Romania
RO

Slovakia
SK

Slovenia
SI

Spain
ES

Sweden
SE

Switzerland
CH

Turkey
TR

United Kingdom
GB

United States
US