Cryptocurrency is hot right now. And while cryptocurrencies like Bitcoin are supposedly more secure than regular currency, that doesn’t mean that hackers aren’t looking for ways to take advantage of the trend.
A newly discovered ransomware scam banks on people’s desire to get rich quick by buying cryptocurrencies. The scam advertises a new cryptocurrency called SpriteCoin.
SpriteCoin isn’t a real currency; it’s just a ruse to get people to install ransomware. Often, SpriteCoin ads appear on forums where people learn about and discuss other cryptocurrencies, making SpriteCoin seem like the real deal (hence why social media sites are opting to nix all ads about cyrpto).
The ransomware is disguised as a wallet containing SpriteCoin. While your computer appears to be downloading the blockchain for your SpriteCoin, it is actually encrypting all of your files, while also raiding Chrome and Firefox for your stored passwords. Next, you receive a ransom note demanding that you pay up in order to get a decryption key, or else your files will be locked forever.
The ransom note demands payment in Monero, a cryptocurrency, to the tune of about $100. The note claims that “only we can decrypt your files. Don’t worry, we’ll give you your files back if you pay.”
To add insult to injury, once the Monero ransom has been paid, the hackers install additional malware that harvests personal data and gives hackers the power activate your webcam.
This ransomware scam was discovered by cyber security company Fortinet. Fortinet’s experts think that this scam, which is demanding a (relatively) inexpensive ransom, could be a pilot program for hackers to test out new delivery mechanisms for ransomware and malware. They want to see how many people will fall for the scam before scaling up.
Fortinet also explains that Monero is becoming the new cryptocurrency of choice amongst thieves using ransomware, because Bitcoin transaction fees have gone up and there is typically a delay on payments.
Cryptocurrencies could be a good investment – but make sure you do your research and only buy legit cryptocurrencies, lest you fall victim to such a vicious and repetitive scam.