Sunday, September 24, 2017

nRansomware Locks up Victims Computer and Demands Nude Pictures Instead of Bitcoin as Payments

I wonder if the things happening today in this world are what the first users and inventors of the internet and programming languages would've wanted. The activities of cybercriminals are changing the game and they are taking it to the next level. Most of us are familiar with the term “malware which is a type of malicious software from cryptovirology that threatens to publish the victim’s data or perpetually block access to their computers and systems unless they pay some kind of fee which is called a ransomware. And most times these fees are paid with a cryptocurrency—typically Bitcoin. Well, nRansomware is a new type of malware that demands victims to pay with their nude pictures instead of Bitcoin to get access to their infected/locked device.
Last week a group of researchers @MalwareHunterTeam discovered a malware software that was installed through a file called “nRansom.exe”, This malware demands owners of the infected and locked devices to “send at least 10 of their unclad photographs” in order to have their computer and other infected devices unlocked and get their files back. 

The victim is actually forced to create a Protomail account, which will then be ‘verified’ as legitimate by the attacker. Once the photos are sent, the victim will receive a code to disable the malware. It appears that the attackers are looking to sell the nude photos of the victims and make money from it.

According to Malwrhunterteamthe background of the malware is made of several images of the fictional children’s character known as Thomas the Tank Engine and also there is another image that state the conditions a victim must meet so as to have their devices unlocked. Also, the malware also appears to play looped music in the background with a filename: "your-mom-gay.mp3".

It is still not clear how many people and devices that have been affected with this malware or whether the demand is a legitimate threat and not just another prank. However, the source executable file which is ‘nRansom.exe’ appears to be real, legitimate, and serious, as it is classified as malicious by several antivirus engines, including VirusTotal and Hybrid Analysis, which are both public malware repositories.

To stay clear from these kinds of ransomware, internet and all electronic devices that are used to connect remotely to the internet are advised to run only supported version of an operating system and keep your device software up-to-date.

And for Windows PC users, For security and information purposes, I'll be sharing the official Microsoft download links of the security patches that were originally shared by Microsoft. All you have to do is to download them according to your system's Windows version and architecture. The download links to these security patches can be found here

If You Enjoyed this Post, Kindly take 5 Seconds and Share it With Your Friends on

No comments:

Post a Comment

***We ❤ to hear from you, Tell us Your views and opinion. Please note that comments are always moderated, Abusive comments won't be approved, and spammy comments are deleted automatically