New Ransomware Targets Porn Pirates, Makes Copyright Threats

from the hey-that's-a-good-idea dept

Ransomware viruses that hijack a a user's computer and demand payment for snake-oil anti-virus software are nothing new, but there's a new twist on it in Japan. A new virus targets people downloading hentai (an explicit form of anime cartoons) from P2P networks, and poses as an installation screen for a game that asks for users' personal info. Once this is entered, it starts taking screengrabs of users' web activity, which it posts online under their name, and asks for payment of 1500 yen (about $16) to "settle your violation of copyright law" and take down the page. There's a similar scam running in Europe, says a security firm, in which a virus scans a computer's hard drive, and regardless of what it finds, demands payment of $400 for a "pretrial settlement" of copyright infringement claims. Essentially these scams are just online versions of what firms like Digiprotect, ACS:Law and Davenport Lyons do through the mail -- send out thousands of letters demanding people pay up for supposedly downloading copyrighted content. That scheme (which manages to ensnare plenty of innocent users) is quite profitable for the firms that run it -- so it shouldn't be too surprising to see malware scammers move in. It's an interesting question, though: really, what's the fundamental difference between what the malware peddlers and these supposedly legitimate companies are doing?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: copyright, porn, ransomware


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 16 Apr 2010 @ 5:13am

    Anyone who downloads an executable from a source which is by definition unscrupulous and untrustable and then not only installs that executable but enters in all kinds of personal information deserves exactly what they get.

    I am now defining a Japanese corolary to the "Dancing Pigs" problem called the "Dancing Tentacle Monster" problem.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 16 Apr 2010 @ 5:44am

    One difference between this and the auto-litigator is that the pre-settlement places send you stuff when they find your IP address on TPB or somesuch and suspect you of infringing. This ransomware is activated by a trojan you have to install, which provides a bit more than mere suspicion. Of course, with this method, there will still be FPs (asshole friends DLing it).

    It is still extortion, but I think it's safe to say that no grandmas or printers will be downloading and installing a trojan that they thought was "Doki Doki no Tentacle Lovu~".

    link to this | view in thread ]

  3. icon
    Jon Renaut (profile), 16 Apr 2010 @ 5:51am

    What a good idea

    I think this software is included in the latest versions of Windows Media Player and iTunes, too.

    link to this | view in thread ]

  4. icon
    slacker525600 (profile), 16 Apr 2010 @ 5:58am

    the primary difference I saw was that the malware wasnt collecting on the extortion, it was selling your credit card information to somebody else.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 16 Apr 2010 @ 6:17am

    Re:

    So then it is regular malware and the copyright angle is just fluff?

    link to this | view in thread ]

  6. icon
    jfgilbert (profile), 16 Apr 2010 @ 6:50am

    There is a difference

    "what's the fundamental difference between what the malware peddlers and these supposedly legitimate companies are doing?"
    The malware peddlers are a lot smarter, they get the victims to do all the work, so they are much more efficient.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 16 Apr 2010 @ 7:08am

    i guess the masnick is on vacation, or has he left the building?

    link to this | view in thread ]

  8. icon
    Dark Helmet (profile), 16 Apr 2010 @ 7:13am

    Re:

    "i guess the masnick is on vacation, or has he left the building?"

    I heard he took a week off to go to Discuss The Article Or Shut The Fuck Up Island....

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 16 Apr 2010 @ 7:16am

    Maybe we need a colorful rubber-hose style cartoon explaining the difference between extortion and fraud.

    Extortion isn't fraud :-D
    Extortion isn't fraud :-D
    If I tell you to do it or else, :-D
    you don't have to listen :-D
    But if I take your CC info and :-D
    sell it you'll be hurtin' :-D

    link to this | view in thread ]

  10. icon
    drewmerc (profile), 16 Apr 2010 @ 7:16am

    would any pirate honestly write there real details into a pirated app (i never have)

    link to this | view in thread ]

  11. icon
    Dark Helmet (profile), 16 Apr 2010 @ 7:22am

    Re:

    There once was a girl name Maude,
    Who wasn't made smart by God,
    She acted like a tard,
    By not thinking too hard,
    And believed that extortion was fraud!

    (I swear, this rhymes if you have a Chicago accent....)

    link to this | view in thread ]

  12. icon
    Dark Helmet (profile), 16 Apr 2010 @ 7:22am

    Re:

    Pirates don't write! That's why they make a giant "x" where their name is supposed to be....

    link to this | view in thread ]

  13. identicon
    Any Mouse, 16 Apr 2010 @ 7:28am

    Re: Re:

    Giant 'X' with a smiley on top. Sure. HAPPY pirates! Yarr.

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 16 Apr 2010 @ 8:17am

    Re: Re:

    hi replacement mike.

    link to this | view in thread ]

  15. identicon
    Michael, 16 Apr 2010 @ 9:02am

    Re:

    "they find your IP address on TPB or somesuch"

    Not necessarily true. They are under no obligation to tell anyone why they "suspect" your infringement. By some of the letters that have gone out to people that could not have POSSIBLY infringed, they are essentially picking up people's names and accusing them with no evidence.

    Sounds like the same thing to me.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 16 Apr 2010 @ 9:14am

    Re: Re:

    Picking up someone's name and accusing them of infringement is the same as using infringement as an excuse to steal their credit card info and sell it on the black market?

    Remember, copyright here is just a smokescreen. It could have easily been "Your computer is infected" or a keylogger.

    The pre-litigation folks are crooks, to be sure, but once you pay up on their racket, then you are paid (for the time-being). With the malware folks, even if you pay, your CC information is still going to be stolen.

    link to this | view in thread ]

  17. icon
    The Groove Tiger (profile), 16 Apr 2010 @ 10:35am

    Re: Re: Re:

    the todd has spoken! shilling five!

    link to this | view in thread ]

  18. icon
    Tom Landry (profile), 16 Apr 2010 @ 11:15am

    That has to be significantly effective in Japan since reputation is everything to them.

    link to this | view in thread ]

  19. identicon
    Optimistic Pessimist, 16 Apr 2010 @ 11:26am

    If the malware sits and waits for a certain amount of time or a particular event (running a bit torrent client for example) it would be much harder for the average pirate to equate that malware with a program they've recently downloaded and attempted to install.

    I say "average pirate" because I feel the vast majority are just regular folks, the kind that don't know much about the inner workings of computers and all the different kinds of social engineering malware authors use. You know, the kind that are happy when their computer works correctly but need someone else to fix it when it doesn't. They simply like getting things for free that just work out of the box (so to speak).

    I think only a small percentage of pirates have actually done their homework, keep up to date, and are mistrustful of absolutely everything/everyone. You know, the kind that employ and regularly maintain a myriad of security tools on their PC, knowing what each does and how each works.

    What amazes me is how long it took for malware authors to finally take advantage of this idea. I thought of it on day one, when the very first settlement letters started going out to alleged copyright infringers. I expected something like this to happen a lot sooner, when people were a little less knowledgeable about settlements and thus far more likely to be taken for a ride.

    It will be interesting to watch how this affects the so called "legitimate" law firms and their settlement schemes, the primary reason I got interested by such an idea in the first place.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.