Anonymous ransomware – but who is hiding behind this malware’s mask?

Graham Cluley
Graham Cluley
@[email protected]

Here’s an interesting twist of the Reveton/FBI/police ransomware that has been plaguing internet users lately.

In this example, the malware that locks you out of your data, and demands £100 be paid via Ukash to gain access back to your files, claims to be from the Anonymous hacktivist group.

Anonymous ransomware. Click for larger version

Part of the message reads:

Sign up to our free newsletter.
Security news, advice, and tips.

We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.

Tango down!

Your computer has been hacked by the Anonymous Hackers Group and locked for the moment. All files have been encrypted. You need to pay a ransom of £100 within 24 hours to restore the computer back to normal. If the ransom is not paid on time all the contents of your computer will be deleted and all your personal information such as your name, address, D.O.B, etc. will be published online, after this has been done the processor, ram and motherboard will be fried. Any attempts to remove this virus will result in the consequences mentioned.

Of course, just as when ransomware victims see demands from cash on their computer seemingly coming from the police, they should be equally dubious about whether this particular attack originated from someone affiliated with Anonymous hacktivists.

Although, now I come to think about it, it’s not really possible for Anonymous to deny that it is involved. After all, being truly anonymous means that you don’t know what other people might be doing under the banner of Anonymous.

Ultimately, you can’t believe anything when it comes to Anonymous.

One thing is certain, however, and that’s the need to better protect computers against the threat of ransomware – whoever might be creating it.

Always remember to keep your anti-virus software up-to-date (Sophos detects this particular ransomware as Troj/Ransom-KI), and to run a tight ship when it comes to patching your operating system and applications to protect against vulnerabilities.

That way you’ll be making life much more difficult for the bad guys.

Hat tip: @abuse_ch

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.