New ransomware threat "Browlock" freezes computers and demands payment

Share this article:

Security firm F-Secure is tracking a new "ransomware" family known as Browlock, which spreads by tricking unsuspecting web surfers into believing the police are after them.

Researchers said they have detected infections on machines in the United States, Canada and the U.K. And now, other countries are experiencing attacks. F-Secure traced the attacks to a server in St. Petersburg, Russia.

If users surf to a compromised site foisting the scam or click on a malicious ad, their screen becomes locked, and a message is displayed. The messages are customized to appear like they come from federal authorities in the victim's home country or region, including the European Cybercrime Centre and the Royal Canadian Mounted Police.

Users are told they have violated the law because either they have committed copyright infringement, viewed or distributed child pornography, or unknowingly allowed their computer to be accessed to install malware. They are further advised that to unlock their computer and avoid prosecution, they must pay a fine of, in one case, 200 pounds, or $310, through an online payment site.

"This ransomware is very simple, and just uses the browser to display a lock screen demanding the victim to pay a fake fine and plays tricks to prevent closing the browser tab," F-Secure Labs wrote in a blog post.

Ransomware scams are prevalent. The FBI has estimated criminals profit roughly $150 million annually through the ruses.

Victims are advised to keep their anti-virus technology up to date and to never pay the miscreants behind the scams. Removing ransomware is usually possible with the help of a security solution, but oftentimes the process can be complicated and may require restoration of one's operating system, which could result in the loss of documents or applications.

Share this article:

Sign up to our newsletters

More in News

In Cisco probe, misuse or compromise spotted on all firms' networks

In Cisco probe, misuse or compromise spotted on ...

Cisco analyzed the business networks of 30 multinational companies last year, and revealed the findings in its 2014 Annual Security Report.

Fareit trojan observed spreading Necurs, Zbot and CryptoLocker

The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.

Post Heartbleed, tech giants join initiative to bolster open source

Post Heartbleed, tech giants join initiative to bolster ...

The newly formed Core Infrastructure Initiative, created to boost under-funded open source projects, will tackle OpenSSL first.