Select Page

Our researcher Adam Thomas found this little gem today. It’s distributed with other malware, cracks and drive-by downloads. It purports to be a security warning from your Windows operating system.

Ransom_lame

Notice the “Visa, MasterCard, etc” – it doesn’t even bother to list all the cards it accepts.

Ransom_lame2

The really cool thing about it is that it takes FAKE credit card numbers as well as real ones!

Ransom_lame3

Thanks to Sunbelt Software researcher Francesco Benedini for help with the analysis.

Tom Kelchner


Fatal error: Uncaught wfWAFStorageFileException: Unable to save temporary file for atomic writing. in /home/eckelberry1966/public_html/sunbeltblog/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php:34 Stack trace: #0 /home/eckelberry1966/public_html/sunbeltblog/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php(658): wfWAFStorageFile::atomicFilePutContents('/home/eckelberr...', '<?php exit('Acc...') #1 [internal function]: wfWAFStorageFile->saveConfig('livewaf') #2 {main} thrown in /home/eckelberry1966/public_html/sunbeltblog/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php on line 34