Is That Malware Really from Anonymous?
CREDIT: Anonymous/Creative Commons
A type of malware called a "police Trojan" has for months been extorting cash from users with faux legal threats purporting to come from the police.
But in a change of tactics, some victims are receiving messages signed by a group on the other side of the law: Anonymous.
A Swiss security blogger yesterday (Nov. 1) tweeted out an image of the malware's pop-up ransom note, which bears an image of a hacker in a hoodie wearning a Guy Fawkes mask.
It's not clear whether the loosely affiliated hacking group is truly behind this latest twist in ransomware, but the move would be a departure from Anonymous' "victimless" political hacking ethos, moving the group into the territory of petty crime.
Ransomware is malware, usually a Trojan horse, that infects a computer and tells the user that his or her files have been encrypted. The user must pay a ransom to regain access to the files.
Such scams have been around for years, but the latest wave of ransomware involves police Trojans. They tell users that child pornography or other illegal material has been found on their computers, and that the ransom is actually a "fine" in lieu of prosecution.
FawkesSecurity, which claims to be affiliated with Anonymous, took credit for the ransomware in a YouTube video — but only after the Swiss blogger's tweet had already been featured in news stories. Beyond that, there is no clue as to the scam author's true identity.
Earlier this month, FawkesSecurity claimed that it had placed a bomb in a U.S. government building, set to explode Nov. 5. Other Anons decried the announcement, as most members of the group prefer hacking over violence as a form of political protest.
It could be that FawkesSecurity is "trolling" Anonymous, trying to make the larger movement angry by making outrageous statements calculated to offend.
Whoever's behind the bogus Anonymous ransomware has done his research. The ransom note greets victims with Anonymous' token phrase, "We are Anonymous. We are legion. We do not forgive. We do not forget. Expect us." For good measure, it even throws in a "Tango down" — hacker talk for a website sucessfully knocked offline.