back to article Yay for Tor! It's given us ransomware-as-a-service

Threat Research head Jim Walter says a virus writer has created a ransomware-as-a-service offering which allows luddite criminals to fleece users. Walter discovered the Tox ransomware on an eponymously named Tor hidden service noting the author required a 30 percent cut of paid Bitcoin ransoms. He says Tox is one of the few …

  1. Mystic Megabyte

    Ransomware?

    I thought this was an article about Windows 10.

    it's early, I need more tea.

  2. Paul Crawford Silver badge
    Facepalm

    "ransomware...as a Windows screensaver"

    Really, are people STILL falling for that one?

    1. Thorne

      Re: "ransomware...as a Windows screensaver"

      There is no limit to how stupid some people can be.......

      1. A Ghost
        Megaphone

        Re: "ransomware...as a Windows screensaver"

        I'm sure you know it is not really a case of 'stupidity'.

        I'm probably slightly above average intelligence, but even I know and can conceptualise of how other's brains work. Also, there are people who are not of good health, just getting up and making a cup of tea is a battle for them. Some people are from different generations and cultures.

        Not everyone is a bright spark super duper heavy hitter in the 'intellect/intelligence' stakes. I would wager that those that read this website are in the higher percentile of being able to grok this stuff, but different brains have different paradigms of thought, leading to different outcomes of actions, depending on scenario.

        Having said that, yes, some people are just really dumb. In fact, I'm beginning to wonder how deep this runs amongst the populace. I don't really see much evidence of higher thinking. I don't think I've even had a real face to face 'conversation' with someone about something other than the weather for about five years now. I certainly wouldn't use more than the fingers of one hand counting them anyway.

        Take for example, my recent little excursion in to a bit of in depth baiting of Indian Telephone Scammers, claiming to be Microsoft.

        (You can read all about it in one of my most recent posts here. I'm still in the process of leading them on and seeing just how far I can push it. I'm up to about four hours of wasting their time now. They are calling me as I write. I will answer the phone and get back to work on them a bit when I finish my other important stuff.)

        So, yes, take for example this 'little' operation they have going. (I hope I'm not going too far off thread here, but it's all extortion at the end of the day) It is a very sophisticated operation. First they have to get a list of real live working telephone numbers in another country, including REAL names. Now, I can imagine a dozen places of where they could obtain this info, but I really don't know for sure where they get it from. Next, the have to have the sheer temerity and lie to someone and say 'Microsoft calling'. Then they use a nonsensical scare tactic that not even a retarded toddler could fall for, let alone someone of lower intelligence. They can hardly speak English and are unable to speak in the vernacular. They use toe curlingly embarrassing tactics like 'how old are you?' - 'oh, you sound as if you are just 18' - puhleease....

        Then, when that doesn't work and they have an hour of their time wasted, they call back in half an hour using a voice scrambler to lower the pitch of the voice and start making threats, shouting, scaremongering.

        Now my point is: Intelligence is a two way street. How god damned stupid are these people thinking that this shit works on anyone, that anyone could fall for that crap? Yet, they have call centres of dozens and dozens of people all firing away on the phone. You can hardly hear for the din. You can hear the conversation of the person next to them in their chicken cubicle as you 'go to make a cup of tea'. BUT... How god damned 'stupid' are the people that fall for this?

        I mean, it must work right? It has to. It is a serious viable business to these people. Employing around about 50 people at least I would say. I'm sure someone has to pay for the phone call as well. 4/5 hours from India, not sure how much that costs, but I'm not paying for it. They are playing the numbers game. Some marks will be old and vulnerable and shaking in their boots. I would imagine this is the gold standard jackpot for these fuckers, to get some doddery old lady in her twilight years. I would imagine they up the fees for her. And keep calling back. This stuff works, people are getting ripped off. They wouldn't do it otherwise.

        You wouldn't believe some of the shit they come out with. Someone installing a malware infested screensaver does not compare in magnitude of stupidity to what these people are getting away with. The bloke was severely lacking in the IQ dept. But yet he is able to scam people out of hard cash. What does that say about the people he defrauds? Are they 'stupid'? No, I think not so much. More vulnerable and frail, not just someone that made a bad decision because they didn't know any better.

        Five people I talked to in that call centre. At one point, the bloke who came on the phone who claimed to be the supervisor/manager, was really intimidating and was not messing about. He was their enforcer. He used my real name and told me I WOULD pay, or else. He was pretty convincing and I can imagine someone who was easily intimidated would cave in. He demanded my credit card no. and would not give me a reason why it was needed, other than I owed it to them for their time and that otherwise the police would be knocking on my door.

        When that didn't work, they used a charming flirtatious woman on me. They knew when to escalate and when to deescalate. All the well versed sophisticated psychological manipulations, if crudely carried out. In short, this stuff works on people. But they didn't know they were fucking with a master. I feigned vulnerability, I feigned stupidity and incredulity, I feigned a little bit of mental retardation (I'm a bit autistic anyway) and I always let them have that one thing they cherished the most - that they would get a payment out of me, after feigning being intimidated. So how stupid are they?

        Obviously not that stupid because they are making a living (even if it is commission based) out of using bully boy tactics on frail and fragile minds. They can afford the odd major wind up like me. Most people tell them to piss off and that is better for them coz it saves their time. The guy that phoned back that used a voice scrambler (what a twat) was most indignant that I would waste an hour of his time. YOU ARE NOT A GENTLEMAN, he kept saying to me. Little did he know that I would later waste another 3 hours of his time.

        Anyway, I've gone off piste. I'm still pretty wound up about it and just warming up to today's proceedings with them. Something just cracked with me when that Supervisor used my real name and told me that I would pay. He got really really heavy. He may even be the brains behind it all. It's shit or bust for them at that point, but the deeper in debt they go, the more they double down, it would seem.

        But no, after saying all that, I don't think that people who install screensavers are necessarily 'stupid' per se. I went to download the Cobian file backup program the other day from the official site and got a drive by malware that took me eight fucking hours to clean off my system. I nearly had to do a full image restore of my OS taken the night before. I had no idea it would take so long, but it hijacked internet explorer and messed up classic shell which relies on it for system settings, so it was not straightforward. Was I stupid to trust a reputable site? These things happen, to all of us sooner or later.

        I have defense in depth and can deal with it, anyone else and their system being messed would have been the least of it. They would have had malware on their system. I had two AV go off at the same time and it got blocked. But eight god damn hours none the less to get it back to where it was before.

        Sorry, it just rankles me a bit when I hear 'techy' people using the word 'stupid' or 'luser' to describe other humans who don't think along the same lines as them. Then again, maybe you were right after all. Some people are just fucking dumb!

        [DISCLAIMER]

        I used to look after an elderly 93 year old lady who only recently passed away a year or two ago. Her whole life was based around giving her money away to lotteries and so called charities and telephone scammers would plague her day in day out. They sell the numbers of marks like this and prey on their vulnerability, be it old age, infirmity, loneliness. This lady used to fly over the African continent with her husband in a flying boat that they would land around the place as they saw fit. She lived a life few of us ever will. Even today's so called high rollers like the rich rappers with their ferraris don't know anything compared to what this woman experienced. I could go on.

        But my point is, she became old and vulnerable and would send cash in envelopes to those promising to tell her fortune. Was she 'stupid'? Yes, I suppose she was. She was also at the end of her days, and going blind. She fell down one night and couldn't get back up. She lay on the floor for hours until I came back to the house to pick her up. She would have been there all night otherwise. Her family cared for her a bit, but not enough. So excuse me if I seem to have a little emotional investment in this stuff. That is why I despise these people - it's personal. They will find your weak spot and HIT. Be it your fear of shame with the Police, the implied threat of violence, or appealing to your deeper human emotions of wanting to be loved or liked and to believe that a better world exists. They are scum.

        1. Anonymous Coward
          Anonymous Coward

          @A Ghost

          TL;DR

          1. Martin-73 Silver badge

            Re: @A Ghost

            Your loss

        2. Anonymous Coward
          Anonymous Coward

          Re: "ransomware...as a Windows screensaver"

          I can vouch for that.

          In my line of work I deal with all manner of people, some of whom are immensely bright. They have to be else they wouldn't do what they do. However, a, great many of them lack even basic common sense "skills". You can't train them, its inherent in their psyche. Just as I cant be a heart surgeon because I'm too thick, I know, instinctively, how to change a tyre, wire a plug, grasp the basics of a complex electronic device without having to read the manual... That's what I do. People who open .scr files do it because they don't know what else to do!!!

          That's why smart people are still falling for it.

          We all have a place on this planet...

        3. Bloakey1

          Re: "ransomware...as a Windows screensaver"

          A Ghost

          Wrote lots of relevant stuff.

          Well said that man / woman. I am totally with you and thank you for your humanity to others and in particular to 'your' lady.

        4. Looper

          Re: A Ghost...

          "I'm sure you know it is not really a case of 'stupidity'.". - Eh? Yes. It is.

          "Having said that, yes, some people are just really dumb. In fact, I'm beginning to wonder how deep this runs amongst the populace. I don't really see much evidence of higher thinking." - Changed your mind huh?

          "Now my point is: Intelligence is a two way street. How god damned stupid are these people thinking that this shit works on anyone, that anyone could fall for that crap?" - Will you make up your mind?

          "How god damned 'stupid' are the people that fall for this?" - So you've decided.

          "The bloke was severely lacking in the IQ dept. But yet he is able to scam people out of hard cash. What does that say about the people he defrauds? Are they 'stupid'? No, I think not so much." - They are , they aren't....

          "But no, after saying all that, I don't think that people who install screensavers are necessarily 'stupid' per se." - Changed your mind again?

          "Was I stupid to trust a reputable site?" - Dunno. Were you?

          "Sorry, it just rankles me a bit when I hear 'techy' people using the word 'stupid' or 'luser' to describe other humans who don't think along the same lines as them. Then again, maybe you were right after all. Some people are just fucking dumb!" - I couldn't make this up. Brilliant.

      2. TeeCee Gold badge
        Facepalm

        Re: "ransomware...as a Windows screensaver"

        I've got news for you. They still fall for "U can haz codec, yes?" and "FREE!!1! Antivirus scanner." too.

        All now older than the hills and giving the mountains a run for their money.

        Unfortunately nobody has yet built an OS that's proof against "Yes of course I want that installed and I'm happy to grant you the privilege to do it!".

        1. Just Enough

          Re: "ransomware...as a Windows screensaver"

          The mystery is not that people fall for ransomware as screensaver, but that people still think they need/want "screensavers" at all.

          They're unnecessary CPU hogs that generally look naff, draining electricity. They do nothing to "save" your screen.

          1. Peter2 Silver badge

            Re: "ransomware...as a Windows screensaver"

            And how many people do you expect realise that now CRT's are defunct the use of a screensaver is zero?

            The mystery is that people aren't simply dropping .SCR files at the gateway before the users get them. My personal irritation is PDF files with viruses attached. Unlike .SCR files you can't simply arbitarily drop them at the gateway.

    2. AlbertH

      Re: "ransomware...as a Windows screensaver"

      Here's a clue: If they're stupid enough to still use Windows ergo they're stupid enough to use unsolicited "screensavers" and to play "cute kitten.exe"

  3. pig

    Here's hoping

    "The operational security chops of the English-speaking author will be put to the test, should the prolific and competent anti-blackhat research community seek to identify the perp and send their special brand of love."

    Let's hope this happens.

  4. Raumkraut

    No creativity among thieves

    Of course, this is not to be confused with the legitimate FLOSS Tox Instant Messenger.

    In fact, it wouldn't surprise me if the author explicitly took the name from that project to sow confusion, since they apparently also misappropriated the CyanogenMod logo.

    1. Anonymous Coward
      Anonymous Coward

      Re: No creativity among thieves

      Of course, this is not to be confused with the legitimate FLOSS Tox Instant Messenger.

      In fact, it wouldn't surprise me if the author explicitly took the name from that project to sow confusion, since they apparently also misappropriated the CyanogenMod logo.

      Or maybe he gave up defacing London Underground.

      There must be so many users here who 'get' that!

      1. Anonymous Coward
        Anonymous Coward

        Re: No creativity among thieves

        Well, I for one, aren't one of them. Enlightenment please...

        1. Bloakey1

          Re: No creativity among thieves

          "Well, I for one, aren't one of them. Enlightenment please.."

          Look up Daniel Halpin. A nasty piece of work who has been messing up the London environment with his tags for years. I used to live in Wimbledon and Southfields and his tags were all over the damn place.

          The term ubiquitous sounds positively conservative if used in connection to his Tox tag.

          1. This post has been deleted by its author

  5. Jim 59

    @tox_team GET A JOB

  6. Maty

    Screensavers ...

    A few years back I wanted to change the monitor of a well-respected academic for a more modern one. (He was using a CRT ffs.) After meeting with stubborn resistance, we finally got to the reason. He 'liked the screensavers installed on this monitor'.

    So yeah, I believe that people still happily install .scr viruses. Not least because 'if there's something wrong with it, I'll just call IT to sort it out.'

  7. Andrew Meredith

    Deliberately outragious Grama and Speling

    I was chatting with a security guy the other day who had read a very interesting study done into the whole 419 thing. He said that they soon realised that the people authoring those awful emails were perfectly capable of making them look absolutely fine. They could spell and knew the proper grammatical constructs to use. However .. and here's the really nasty cynical bit .. they had realised that people who bailed at the awful use of English would be the same set as those that would baulk at sending out a "transaction fee" or "Carriage fee" or whatever later on down the line. By that stage the scammers have spent some actual time on that individual. Sending out thousands of spams costs next to nothing. Dealing with a human directly costs one man-hour per hour. The ones that didn't see anything wrong with the mails were also highly correlated with those that steam straight through the "send us a transfer fee" stage and onwards.

  8. prince_h

    For those saying people can't fall for Windows screensavers...

    ...believe me, you can. I still have people ask me about downloading YouTube and answering the Prince of Arabia about a secret business transaction. So falling for a Windows screensaver would not faze me at all, esp if someone in the office were to do that.

    While intelligence can't be cultivated, a good security system can be put in place instead. Any software to control malware from coming in should be implemented, specifically software that can deal with workers that don't know much about security or computers in general. For instance, in our office, we set up our 70 PCs with Rollback Rx (time machine software, instant restore) so that any silly mistake our workers make can be reserved.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021