Any time something catches the attention of huge numbers of Internet users, there’s a possibility that nefarious persons will try to make money from it. A famous actor has their phone hacked, a celebrity dies, or a whistleblower exposes the extent of NSA snooping, and the spam in your inbox suddenly has a new flavour… or worse.
Zscaler and other security researchers are reporting an increase in ransomware threats that are built on recent revelations of the NSA’s activities.
Ransomware works like this: you visit a web site that has been compromised and is serving malicious code. The code infects your computer, after which it becomes impossible to use your computer. Instead you see a full page threat from what appears to be the NSA, claiming that you have participated in unlawful activities (usually downloading copyrighted materials). You are told that you can pay up or face legal action.
If this happens to you, do not follow any of the instructions shown by the ransomware. Hire a professional to remove the malware or reinstall your operating system.
How to determine whether a warning is fake and ransomware:
- No legitimate agency would use this tactic (at least not yet).
- Awkward language and spelling mistakes in the warning.
- Payment methods use third-party services.
Techdirt has additional details.