Most ransomware request money to unlock files, regularly in the form of bitcoins, but this is the first time to see a malware requiring nude photos in return to getting access to their machine back.
Called nRansomware, the ransomware was recognized by a security researcher MalwareHunterTeam who published the screenshot of the ransom notes asking users for their private photos. The notes also showed a short message explaining how a victim can forward their photos to the hackers behind this malware.
nRansom Ransom Note:
“Your computer has been locked. You can only unlock it with the special unlock code, go to protonmail.com and create an account. Send an email to [email protected]. We will not respond immediatly. After we reply, you must send at least 10 nude pictures of you. After that we will have to verify that the nudes belong to you. Once you are verified, we will give you your unlock code and sell your nudes on the deep web”
Once the malware (nRansom.exe) is executed, it will display a stupid lock screen with a tiled Thomas & Friends background that asks for private pictures and then plays the your-mom-gay.mp3 MP3. In fact, this is not a ransomware and simply a locker. You just need to enter a code to unlock the screen
To terminate this locker, you can manually minimize the screen and just kill the nRansom.exe process.
