New Ransomware Targets Porn Pirates, Makes Copyright Threats

from the hey-that's-a-good-idea dept

Ransomware viruses that hijack a user's computer and demand payment for snake-oil anti-virus software are nothing new, but there's a new twist on it in Japan. A new virus targets people downloading hentai (an explicit form of anime cartoons) from P2P networks, and poses as an installation screen for a game that asks for users' personal info. Once this is entered, it starts taking screengrabs of users' web activity, which it posts online under their name, and asks for payment of 1500 yen (about $16) to "settle your violation of copyright law" and take down the page. There's a similar scam running in Europe, says a security firm, in which a virus scans a computer's hard drive, and regardless of what it finds, demands payment of $400 for a "pretrial settlement" of copyright infringement claims. Essentially these scams are just online versions of what firms like Digiprotect, ACS:Law and Davenport Lyons do through the mail -- send out thousands of letters demanding people pay up for supposedly downloading copyrighted content. That scheme (which manages to ensnare plenty of innocent users) is quite profitable for the firms that run it -- so it shouldn't be too surprising to see malware scammers move in. It's an interesting question, though: really, what's the fundamental difference between what the malware peddlers and these supposedly legitimate companies are doing?


Reader Comments

  1.  
    Anonymous Coward, Apr 16th, 2010 @ 5:13am

    Anyone who downloads an executable from a source which is by definition unscrupulous and untrustable and then not only installs that executable but enters in all kinds of personal information deserves exactly what they get.

    I am now defining a Japanese corollary to the "Dancing Pigs" problem called the "Dancing Tentacle Monster" problem.

     

  2.  
    Anonymous Coward, Apr 16th, 2010 @ 5:44am

    One difference between this and the auto-litigator is that the pre-settlement places send you stuff when they find your IP address on TPB or somesuch and suspect you of infringing. This ransomware is activated by a trojan you have to install, which provides a bit more than mere suspicion. Of course, with this method, there will still be FPs (asshole friends DLing it).

    It is still extortion, but I think it's safe to say that no grandmas or printers will be downloading and installing a trojan that they thought was "Doki Doki no Tentacle Lovu~".

     

  3.  
    Jon Renaut (profile), Apr 16th, 2010 @ 5:51am

    What a good idea

    I think this software is included in the latest versions of Windows Media Player and iTunes, too.

     

  4.  
    slacker525600 (profile), Apr 16th, 2010 @ 5:58am

    the primary difference I saw was that the malware wasn't collecting on the extortion, it was selling your credit card information to somebody else.

     

  5.  
    Anonymous Coward, Apr 16th, 2010 @ 6:17am

    Re:

    So then it is regular malware and the copyright angle is just fluff?

     

  6.  
    jfgilbert (profile), Apr 16th, 2010 @ 6:50am

    There is a difference

    "what's the fundamental difference between what the malware peddlers and these supposedly legitimate companies are doing?"
    The malware peddlers are a lot smarter, they get the victims to do all the work, so they are much more efficient.

     

  7.  
    Anonymous Coward, Apr 16th, 2010 @ 7:08am

    i guess the masnick is on vacation, or has he left the building?

     

  8.  
    Dark Helmet (profile), Apr 16th, 2010 @ 7:13am

    Re:

    "i guess the masnick is on vacation, or has he left the building?"

    I heard he took a week off to go to Discuss The Article Or Shut The Fuck Up Island....

     

  9.  
    Anonymous Coward, Apr 16th, 2010 @ 7:16am

    Maybe we need a colorful rubber-hose style cartoon explaining the difference between extortion and fraud.

    Extortion isn't fraud :-D
    Extortion isn't fraud :-D
    If I tell you to do it or else, :-D
    you don't have to listen :-D
    But if I take your CC info and :-D
    sell it you'll be hurtin' :-D

     

  10.  
    drewmerc (profile), Apr 16th, 2010 @ 7:16am

    would any pirate honestly write their real details into a pirated app (i never have)

     

  11.  
    Dark Helmet (profile), Apr 16th, 2010 @ 7:22am

    Re:

    There once was a girl named Maude,
    Who wasn't made smart by God,
    She acted like a tard,
    By not thinking too hard,
    And believed that extortion was fraud!

    (I swear, this rhymes if you have a Chicago accent....)

     

  12.  
    Dark Helmet (profile), Apr 16th, 2010 @ 7:22am

    Re:

    Pirates don't write! That's why they make a giant "x" where their name is supposed to be....

     

  13.  
    Any Mouse, Apr 16th, 2010 @ 7:28am

    Re: Re:

    Giant 'X' with a smiley on top. Sure. HAPPY pirates! Yarr.

     

  14.  
    Anonymous Coward, Apr 16th, 2010 @ 8:17am

    Re: Re:

    hi replacement mike.

     

  15.  
    Michael, Apr 16th, 2010 @ 9:02am

    Re:

    "they find your IP address on TPB or somesuch"

    Not necessarily true. They are under no obligation to tell anyone why they "suspect" your infringement. By some of the letters that have gone out to people that could not have POSSIBLY infringed, they are essentially picking up people's names and accusing them with no evidence.

    Sounds like the same thing to me.

     

  16.  
    Anonymous Coward, Apr 16th, 2010 @ 9:14am

    Re: Re:

    Picking up someone's name and accusing them of infringement is the same as using infringement as an excuse to steal their credit card info and sell it on the black market?

    Remember, copyright here is just a smokescreen. It could have easily been "Your computer is infected" or a keylogger.

    The pre-litigation folks are crooks, to be sure, but once you pay up on their racket, then you are paid (for the time being). With the malware folks, even if you pay, your CC information is still going to be stolen.

     

  17.  
    The Groove Tiger (profile), Apr 16th, 2010 @ 10:35am

    Re: Re: Re:

    the todd has spoken! shilling five!

     

  18.  
    Tom Landry (profile), Apr 16th, 2010 @ 11:15am

    That has to be significantly effective in Japan since reputation is everything to them.

     

  19.  
    Optimistic Pessimist, Apr 16th, 2010 @ 11:26am

    If the malware sits and waits for a certain amount of time or a particular event (running a bit torrent client for example) it would be much harder for the average pirate to equate that malware with a program they've recently downloaded and attempted to install.

    I say "average pirate" because I feel the vast majority are just regular folks, the kind that don't know much about the inner workings of computers and all the different kinds of social engineering malware authors use. You know, the kind that are happy when their computer works correctly but need someone else to fix it when it doesn't. They simply like getting things for free that just work out of the box (so to speak).

    I think only a small percentage of pirates have actually done their homework, keep up to date, and are mistrustful of absolutely everything/everyone. You know, the kind that employ and regularly maintain a myriad of security tools on their PC, knowing what each does and how each works.

    What amazes me is how long it took for malware authors to finally take advantage of this idea. I thought of it on day one, when the very first settlement letters started going out to alleged copyright infringers. I expected something like this to happen a lot sooner, when people were a little less knowledgeable about settlements and thus far more likely to be taken for a ride.

    It will be interesting to watch how this affects the so-called "legitimate" law firms and their settlement schemes, the primary reason I got interested by such an idea in the first place.

     
