Researchers at MalwareHunterTeam, a study group concentrated on ransomware, found the software, called nRansomware on Thursday. The group posted a screenshot of the information that’s displayed if a victim gets infected:
“Your computer has been locked,” states the message, which then requires the victim to email the hackers. “After we answer, you must transfer at least 10 nude pictures of you. After that, we will have to check that the Pics belong to you.”
The message is revealed on top of a haphazard environment made of several images of the fictional children’s personality Thomas the Tank Engine and a smiley face with the typing “F*** YOU!!!” in bold. It’s not clear how many people have been hit with this ransomware, or how serious the hackers behind it really are.
To some degree, the malware does seem to be true. The file, nRansom.exe, is listed as malicious by different antivirus engines, including VirusTotal and Hybrid Analysis, which are both known malware repositories. Other users on Twitter also announced spotting more examples of this particular ransomware.
Malware can end up on those repositories if someone manually presents an entry and features what and does and how, or if malware is presented and is then automatically investigated. News tried to infect a virtual machine with the malware but was unable to do so.
This could very well be a joke, given that it doesn’t actually encrypt files, according to MalwareHunterTeam and another researcher who studied at the malware.
“It is a screen locker, so files aren’t encrypted,” MalwareHunterTeam told News in a Twitter direct message. “We have no knowledge about anyone growing infected with this.”
The malware also seems to play looped music from a file termed your-mom.mp3 that are actually the Curb Your Enthusiasm theme song in the background, according to the MalwareHunterTeam.
Take your time to comment on this article.
