New Ransomware Tracks Your Browser History

New Ransomware Tracks Your Browser History

A new variation of ransomware is capable of checking a users browsing history and leveraging that information within a fake law enforcement warning.

According a malware analyst that goes by the handle Kafeine, the ransomware shows a message with the logos of the US Department of Justice, Homeland Security, and the FBI, and includes information such as the user’s IP address, host name, and the URL of a porn website (not necessarily illegal) that the user has recently visited.

It does so by checking the browser’s history, comparing the sites it finds there with a remote list, and if it discovers a matching website URL, it displays it in the warning message.. | April 2, 2013 | Zeljka Zorz

image by

The authors of police-themed ransomware are constantly trying to improve their success rate and this is just the latest in a long series of tricks they have added. Some variants are actually using the computer’s webcam, if one is present, to take a picture of the user and include it in the message in order to give the impression that the authorities are recording the user. Another variant gives victims a deadline of 48 hours to pay the made-up fine before their computer drive is reformatted and their data is destroyed.| April 1, 2013 | Lucian Constantin

199 total views, 1 views today

(Visited 7 times, 1 visits today)

3 thoughts on “New Ransomware Tracks Your Browser History

  1. Browse in a private window! Unless the software is good enough to read the memory content at browsing time there should not be any history.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.