New Breaking Bad Computer Ransomware

'Breaking Bad'. (Image: Breaking Bad/ Facebook)
'Breaking Bad'. (Image: Breaking Bad/ Facebook)

Researchers at Symantec have identified a new CryptoLocker ransomware as Trojan.Cryptolocker.S. This new ransomware is targeting people in Australia; it will encrypt images, videos, documents, and more on victims’ computers. It then demands up to AU$1,000 (US$795) to decrypt the files it infects.

The criminals that are behind the malware are clearly fans of Vince Gilligan’s hit show Breaking Bad, as the message that greets their victims uses the logo “Los Pollos Hermanos“, the chain of fast-food fried chicken restaurants run by Gus Fring.

Cyber security for small business: Dealing with CryptoLocker and ransomware:–ffw8

“On analysis, we discovered that the theme used in this attack was styled around the now infamous TV show Breaking Bad.”

The email address that is connected to the ransom demand also mentions “the one who knocks,” which is a reference to a line from Breaking Bad‘s main character Walter White. Symantec said the malicious software comes from a zipped archive that is using the name of a courier firm in its file name and includes the file “PENALTY.VBS.”

Watch a CryptoLocker in action:

That file then downloads the ransomware, and then opens a legitimate PDF file that tricks people into thinking the initial archive was OK. The software then targets files like commonly used word documents, images, spreadsheets, and songs, to name a few.

The criminals have linked their demands to a video tutorial showing how to obtain Bitcoins, which is a digital currency. This is how they want you to pay the ransom, as it is hard to trace who has received the currency.

After you have paid them, they will then provide a key to unlock your information.

ABC wrote on its website that an IT consultant in NSW, Peter Saville, said ransomware was becoming an increasingly common type of threat to computer users. “It is a fairly common scenario now. They can encrypt any of your personal details.” Mr Saville went on to say that the virus depended on a level of human interaction, so if people did not click on the suspect folders, they would not be affected by the threat. People should ensure they regularly backed up important information.

In 2012, cyber criminals using a type of ransomware demanded a Gold Coast medical center pay $4,000 to decrypt sensitive information held on a server.

If you enjoyed this story, click here to read more Science stories.

Or join us on Facebook.

NASA's FINDER Technology Saving Lives in Nepal
Really, How Important Are Forests? (Infographic)