4th SMS Ransomware Variant Offered for Sale
0
Locking down an infected Windows-based host and demanding a premium rate SMS message for the unlock code (SMS Ransomware Source Code Now Offered for Sale; New ransomware locks PCs, demands premium SMS for removal; 3rd SMS Ransomware Variant Offered for Sale), is slowly becoming a trend, that despite its current geographical prevalence evident in Russia, it could easily become an international issue due to the cost-effective localization services available on demand these days.Yet another SMS-based ransomware variant is offered for sale ($10), making this the 3rd such variant available for purchase during the past couple of months. The author appears to be a Moscow-based opportunist, clearly interested in making a quick buck and lacking any long-term ambitions - at least for the time being. Despite that the message and the visual interface can be changed on request, the default version is once again insisting that Microsoft locked down this copy of Windows because it detected it as pirated copy, and in order to unlock it the user has to send an SMS in order to receive the unlock code.
What bothers me is not the potential "spread-ibility" of his campaigns that is if he turns into a user of his own code, but how easily and cost-effectively his customers can push the ransomware to a huge number of already infected malware hosts.
This post has been reproduced from Dancho Danchev's blog.
About Dancho Danchev
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
0 Comments: