Sick software nasty uses child abuse pics to extort infected victims

Depraved miscreants are spreading vile ransomware that displays images of child abuse on infected PCs and demands payment to remove them. Typically, this sort of malware pretends to be an official piece of police software and pops up a text message accusing victims of breaking the law - usually for downloading copyrighted …

COMMENTS

This topic is closed for new posts.

Thumb Down

Really struggling for words

How do you describe how vile these people are?

The only thing I can think of that would make me smile is if they pulled this shit on Liam Neeson...

"I don't know who you are. I don't know what you want. If you are looking for ransom, I can tell you I don't have money. But what I do have are a very particular set of skills; skills I have acquired over a very long career. Skills that make me a nightmare for people like you. If you stop this shit now, that'll be the end of it. I will not look for you, I will not pursue you. But if you don't, I will look for you, I will find you, and I will kill you."

31
0
Anonymous Coward

These people need castrating....

6
1
Silver badge
Coat

Isn't the official phrase "sexecution"?

0
0
Bronze badge
Coat

They don't need punishment, they need gunishment.

1
0
Anonymous Coward

Place your bets

There's now a bunch of paedos trying to download this malware so they can go "It's not my fault, the malware did it"

9
4
Unhappy

Re: Place your bets

Sadly it wouldn't surprise me...

2
0

Re: Place your bets

After my initial disgusted reaction to this story, my next thought was just as you point out. I don't understand the down-votes. Will someone who objected please explain?

3
2
Silver badge
Alert

Warning

Nice warning issued by Germany's Federal Criminal Police Office as well: the storing of the displayed pic is criminal possession of kiddy porn. At least, they don't advise to contact a law enforcement agency...

3
1
MJI
Silver badge

What about UK?

Would you be automatically guilty of crimes?

7
0
Anonymous Coward

Re: What about UK?

In the UK you are already guilty. We're just waiting for the legislation to catch up...

40
0

This post has been deleted by its author

Silver badge

Re: What about UK?

Phil W, is degaussing still state of the art? I'd put rather more trust in a shredder or, for home use, a very hot fire.

0
0
Flame

Re: What about UK?

Why bother with the porn?

For the UK they could just plant a random data file with a size evenly divisible by 512 on the victim's hard drive.

"That's a True Crypt file - open it if you're not a drug-ped0-terrorist"

Nothing to hide nothing to fear. Guilty until proven innocent.

6
1
Silver badge

Re: What about UK?

Would you be automatically guilty of crimes?

Probably, if you didn't immediately reach for the factory-restore disk.

Anyway, could you sensibly do anything else? God knows what else these sick bastards might have infected your computer with!

2
0
Holmes

Re: What about UK?

Some info for UK readers concerning offence of "Possession of IIC" and a proven defence based on "unsolicited receipt" aka "blame the computer" that may be relevant. This quote borrowed from the Crown Prosecution Service web site. Full document at http://www.cps.gov.uk/legal/h_to_k/i...s_of_children/

This quote is not subject to amendment and absolutely does not constitute legal advice. In fact don't believe it at all. Get a lawyer if this concerns you.

Quote

In the UK, section 1 of the Protection of Children Act 1978 (PCA 1978) and section 160 of the Criminal Justice Act 1988 (CJA 1988) cover the area of CP/IIC.

Defence under CJA 1988, Subsection 160(2)(c)

The defendant must prove both

'that the photograph or pseudo-photograph was sent to him without any prior request made by him or on his behalf' and that 'he did not keep it for an unreasonable time'.

The Act does not prescribe what constitutes a 'prior request', nor does it define the parameters of 'unreasonable time'. In particular, it is not clear whether time runs from when the image was received by the computer, or when it was known by a defendant to have been received.

In R v Porter the Court of Appeal held that

"an image will only be considered in possession if the defendant had custody or control of the image at that time. If at the time of possession the image is beyond his control, then he will not possess it."

[Case (ref. Porter, R. v [2006] EWCA Crim 560 (16 March 2006)]

/Quote

Full document here http://www.cps.gov.uk/legal/h_to_k/indecent_photographs_of_children/

0
0
Silver badge
Big Brother

Re: What about UK?

This is exactly the problem myself and some fellow game server admins had when 1 delightful little scrote decided it would be funny to use a child pron spray in game.

Of course it gets shared to everyone playing on the server at the time, including me.

After some fairly heated discussion among the admins, the screen shot with the cp blurred out, with the scrote's Steam ID and his IP address, was sent to his ISP.

According to a report we got back from the ISP, mummy and daddy were most surprised to get cut off by the ISP and most unhappy as to why.

But the big problem for us was how do you go about reporting such things when you're the innocent victim?

The instant you call the plod and say "I've got cp on my PC sent to me by persons unknown", pc plod will go "he's got cp, let's go nick him and smear his name across the media"

Anyway... these malware writers, when found, should be firmly strung up, although if they're British, they'll get a stiff £50 fine and told not to be naughty.

10
1
Bronze badge

Re: What about UK? (@aliceklaar)

That's a very disturbing quote, as it seems to require the accused to prove a negative (that the file in question was sent "without any prior request"), which is impossible.

4
0
Silver badge

Re: What about UK? (@aliceklaar)

Similarly to proving that some data isn't encrypted when asked for a key.

The problem is that Mr Orwell's book didn't come with a disclaimer "this isn't legal advice and shouldn't be used to plan legislation"

0
0
Thumb Down

Re: What about UK?

@Boris the Cockroach

"According to a report we got back from the ISP, mummy and daddy were most surprised to get cut off by the ISP and most unhappy as to why."

I don't believe for a second that his ISP, even if they were also your ISP, reported back to you that they had been cut off. I find it even more difficult to believe that they told you what the parents' reaction was (or even if there were parents).

1
0
Bronze badge
FAIL

I think the only solution here is DBANing the drives.

Correct me if wrong, but due to "strict liability" (in the UK at least) I think anyone with CP on their computer no matter how it got there is committing an offence.

AFAIK, the only defence is to immediately report it, and probably lose all your hardware until whenever Mr. Plod is finished with it (i.e. sometime after it becomes obsolete).

If ever there was an advert for computer safety...

9
0
Silver badge

Re: I think the only solution here is DBANing the drives.

If I were really sick, I'd give them a few hours through which time I'd try to obtain the victim's identity and address. If they didn't pay up, I'd scatter the pron around the drive (perhaps encrypting a few with a password), lock as much as I could, transmit the information to authorities in e-mails and self-terminate to leave little trace that it was malware. Unless the plods were ready to admit the computer was tampered, the victim can now be arrested for possession of child porn (which in most countries is a felony). That would add real fear factor to the scareware: pay or face the end of your freedom.

3
2

Re: I think the only solution here is DBANing the drives.

+1 for DBAN. It has served me extremely well over the years.

These days though I usually leave a copy of Parted Magic around just in case I need to secure erase an SSD.

(And for HDDs it does come with a copy of Nwipe, which is a DBAN fork which can run from Parted Magic.)

1
0
Anonymous Coward

Re: Probably lose all your hardware until whenever Mr. Plod is finished with it

IANAL

If you're being arrested for pedo offences, they actually fast track you through computer forensics.

It takes about 2 years to get your kit back if you've been arrested for something else in connection with computers. I don't know if you get your stuff back if you get found guilty of anything.

1
0

Re: I think the only solution here is DBANing the drives.

The U.K. laws are a joke and are open to extortion and malicious framing. The one case that I remember where there was an attempt to frame a guy with child porn maliciously placed on his computer was only foiled because the perpetrator was the one that notified the authorities, which later aroused suspicions. If the perpetrator had been more cunning and fooled a 3rd innocent party into reporting the crime, then the innocent guy would have been toast.

I certainly believe that there should be strong laws against the financing of child porn distribution. i.e. in my world a researching famous pop stars would have their hands smacked for financing deviants but the actual crime of having illegal data hidden away on a machine is madness.

6
1

Re: I think the only solution here is DBANing the drives.

However, if you report CP on your disk, expect to see some repercussions if you ever need a CRB2 check, which is based on suspicion and rumour as well as criminal record.

5
0
Mushroom

Re: Probably lose all your hardware until whenever Mr. Plod is finished with it

I know how to solve this problem. If you get infected, isolate the ransomware and email it to every politician/bureaucrat you can find.

Nothing will change until they feel the heat.

1
0
Gold badge
Unhappy

Re: I think the only solution here is DBANing the drives.

"Correct me if wrong, but due to "strict liability" (in the UK at least) I think anyone with CP on their computer no matter how it got there is committing an offence."

Exactly.

That's what makes this so twistedly brilliant.

Be a good citizen (and get arrested for viewing and storing CP)

Or pay up and hopefully never hear from them again (if you can figure out how to fix your system that is).

I wonder if any politicians who voted for this "There is no excuse for CP being on a computer by accident" law have been hit by this?

And if so did they come clean or cough up the euros or pounds?

2
0
Mushroom

Nuke it from orbit, it's the only way to be sure

6
0
Anonymous Coward

Yes I'll get downvoted but....

"German Society for the Prosecution of Copyright Infringement "

Christ, they'll bloody copyright anything these days, could make for an "interesting" court case....

4
1
Headmaster

Re: Yes I'll get downvoted but....

They have a society specifically set up for this??? Sounds a bit extreme.

Is it run by a small Austrian guy with a unique mustache?

3
0
Anonymous Coward

Re: "they"

"They" don't "copyright" anything.

Copyright is automatic.

The word is a noun, not a verb.

1
0

Seriously?

This is incredibly twisted.

0
0
Mushroom

Paedoware

The poor unfortunate whose computer this will appear on will no doubt cr@p their pants. We had an instance of someone's laptop being hijacked the other day by a virus called PCEU. Effectively it told the user they had copyrighted material on their machine and had to pay $100, at which point it would be unlocked.

Service desk removed the disk, threw it in the bin and relied on WDS and SCCM to rebuild his laptop (SSD Disk) in about 8 minutes.

Unfortunately the average user doesn't have people like this to assist and could easily be duped out of hard earned money, taking the machine to a shop or getting someone in to remedy the issue could lead to awkward questions and assumptions about the user. Knowing what I do I could fix it myself but if I were Mr. Benson the single 50 year old man with a grumpy dog and no friends and little computer knowledge I might take the offending machine into the garden and terminate it.

The people who publish this sort of malware (any is obviously bad) should be treated as paedophiles and exposed as such. To be honest I'm in favour of a good old fashioned hanging for them. All paedos, including the ones 'doing it for research' should be exterminated.

3
5
Bronze badge
Unhappy

Re: Paedoware

Can I upvote all of your post, but make an exception for the part where you advocate hanging people?

Hmm, I was going for "against capital punishment," but have managed "paedo-sympathiser," instead.

1
0
Anonymous Coward

Re: "terminate it"

If you had little computer knowledge you would probably not be aware this was necessary nor have the technical ability to accomplish it effectively.

0
0
Bronze badge

Re: Paedoware

"Knowing what I do I could fix it myself but if I were Mr. Benson the single 50 year old man with a grumpy dog and no friends and little computer knowledge I might take the offending machine into the garden and terminate it."

I popped into a client's office the other week, and it looks like they were hit by the very malware under discussion. The computer that was usually there was gone, with another one in its place - but it wasn't new, so obviously not an upgrade.

On asking, the woman there told me that the director was using it a few weeks ago and got a warning on screen as per the article. Not being IT savvy, the director wanted to pay up - but the woman pointed out that if he did, the chances are the card would then be cleaned out.

So what they did instead is what your hypothetical Mr Benson would do, and she brought her own computer into the office to use instead.

The sad thing is, if they'd just put it to one side, I could probably have fixed it. Oh well.

0
0
Bronze badge
Unhappy

Re: Paedoware

I agree that capital punishment is going too far. Perhaps a stairwell nonce bashing would suffice. Especially if they're left quadrospazzed on a life-glug.

0
0
Anonymous Coward

WDS and SCCM ...

Why don't the people that sold him SCCM make a 'computer' that isn't so easily hacked?

0
0
Anonymous Coward

Follow the money?

How is the user supposed to pay the "fine", bank transfer? Paypal? Snail mail?

Wouldn't it be more effective for the banks to block money transfer to suspicious accounts abroad?

1
1
Silver badge
Unhappy

Re: Follow the money?

You would think that following an electronic trail to these bastards would be easy.

1. Infect Computer

2. Start process to pay

3. Track payment

4. Issue warrant to bank \ service provider

5. Arrest \ kill these vile wankers!

6. Nice cup of tea and a biscuit for a job well done!

10
0
Headmaster

Re: Follow the money?

Unfortunately most of these people use mules who then make western digital transfers (or similar) which are currently untraceable (you can get which branch it was taken out of if you can get a trace on the transaction before it was withdrawn, but no information about who withdrew it)

0
2
Bronze badge
Big Brother

Re: Follow the money?

I've never been asked to design anything as complex as a system for international money transfers, but if someone had asked I'd have started from the foundation that any system connected to the network had to ensure that all transactions were fully logged and traceable, so that in the event of fraud, laundering or theft it would be easy to see where the money went, who authorised its movement and ultimately who removed it from the system.

Now some institutions would no doubt baulk at such requirements, given that their business model relies upon not sharing what their clients do with their money, or who their clients even are for that matter, that would be fine, their clients would simply have to personally move their money into such institutions by withdrawing it in cash at a compliant institution, which would fully document the withdrawal, and then deposit it in cash into their Swiss chosen bank, with a similar arrangement for moving money back into the system.

A pain for some to be sure, but locking out banks that lose money trails would make most of the losses from fraud stop overnight and raise the risk of being caught from zero to something real. But it seems that would screw up a lot of 'legitimate' fraud and laundering as well so we don't do that and scams like this remain easy, almost risk free endeavours as a result.

1
0
Coat

Re: Follow the money?

Not that easy...There are many persons of interest, but you are required to operate within the legal frameworks. As for locations check out the 2012 INCSR: Major Money Laundering Countries report http://www.state.gov/j/inl/rls/nrcrpt/2012/vol2/184112.htm and scroll down to the Countries and Jurisdictions Table.

Just pick somewhere with more interest in numbered accounts and money handling fees than international sabre rattling. Generate a few fake personas and businesses for Mr Smith & Mr Jones and you are good to go racking up the air miles to open accounts, etc.

With a bit of luck the Machine won't see you.

0
0
Anonymous Coward

Re: "Western Digital"

I am shocked to hear that such a reputable organisation would be supporting the distribution of child pornography.

I for one will certainly not be purchasing any more hard drives from them.

1
0
Bronze badge
WTF?

Re: Follow the money?

"which are currently untraceable"

You don't seriously believe what you are saying, right?

You are either young and silly, or you wrote this piece of malware and are wishful thinking. Or both.

0
0
Silver badge

Re: Follow the money?

I think you might mean "Western Union" rather than "Western Digital"

Most of the "make money from home" jobs you see advertised are for forwarding stolen goods or cash. You get the stuff delivered to you from amazon on a stolen credit card and forward it onto another person - you are the one the police trace. Same with wire transfers of dodgy money

0
0
Alert

Yikes.

No, I am Not A Lawyer.

Under Australian law - you're screwed. Get caught with CP and they assume you're guilty; your trial is pretty much a formality & sentencing (serious gaol time, and THEN permanent CP register - good luck living more than 5km from children...). If it's on your drive, it's yours. You get to try to prove it isn't - the courts don't seem to need to prove you guilty. Nasty, and I'm surprised it hasn't been used more often against politicians etc, but maybe we'll see a rise in this sort of trap soon.

Can a HDD be recovered after the platters have been hammered and blow-torched?

3
1

Re: Yikes.

"Can a HDD be recovered after the platters have been hammered and blow-torched?"

Hammered OR blow-torched, I don't know about together, but with the guilty regardless of the truth that the law takes on this matter I'd not want to test that out!

0
0
Silver badge

Re: Yikes.

If done properly, no. The CP and all other data will be gone to the data nirvana, or hell for that matter.

0
1
Silver badge

Re: Yikes.

Thermite is relatively easy to make and does the job quite well. Not indoors though....

0
0
