New Ransomware Tracks Your Browser History

New Ransomware Tracks Your Browser History

A new variation of ransomware is capable of checking a users browsing history and leveraging that information within a fake law enforcement warning.

According a malware analyst that goes by the handle Kafeine, the ransomware shows a message with the logos of the US Department of Justice, Homeland Security, and the FBI, and includes information such as the user’s IP address, host name, and the URL of a porn website (not necessarily illegal) that the user has recently visited.

It does so by checking the browser’s history, comparing the sites it finds there with a remote list, and if it discovers a matching website URL, it displays it in the warning message..
net-security.org | April 2, 2013 | Zeljka Zorz

image by malware.dontneedcoffee.com

The authors of police-themed ransomware are constantly trying to improve their success rate and this is just the latest in a long series of tricks they have added. Some variants are actually using the computer’s webcam, if one is present, to take a picture of the user and include it in the message in order to give the impression that the authorities are recording the user. Another variant gives victims a deadline of 48 hours to pay the made-up fine before their computer drive is reformatted and their data is destroyed.
infoworld.com| April 1, 2013 | Lucian Constantin

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles