Ransomware makes child porn menaces in broken English

Earlier this week, the researchers at SophosLabs examined a new strain of ransomware that had been discovered in the wild.

The malware encrypts files on the victim’s computer – and demands that a ransom is paid for the safe return of their contents.

Users whose computers are hit by the malware are told to respond with a unique ID number to a Gmail or Live webmail address for the password that will unlock their data.

Sign up to our free newsletter.
Security news, advice, and tips.

You can imagine how disturbing this could be to a computer user who did not have a reliable recent backup of their important documents, spreadsheets and databases.

What makes things even more menacing is that the cybercriminals don’t rely purely upon the loss of data access to be an incentive to pay the ransom of 3000 Euros. They also threaten to contact the police with a “special password” that will reveal spamming software and “child pornography” files.

Ransomware message

Your files has been descryptes using 256-bit Advanced Encryption Standart. To decrypt your files send us email with your ID to our special email: [REDACTED] or [REDACTED]

Because your computer has been hacked or someone spamming from your computer. You must pay a penalty within 96 hours otherwise we will send report to the Police with special password to decrypt some files wich contains spam software and child pornography files. (this special password is only for this files, not for all your files. Password for all your files we will send you only after payment). If first 48 hours will be ended you must pay 3000 Euro.

Enter password for the encrypted file: ______________

There may be nothing in the hackers’ threat of contacting the police and making accusations of child abuse material on your computer, but you can just imagine how petrified many people might be by seeing such a message.

Ransomware. Image from ShutterstockThe threat may be worded in broken English, but the vulnerable – without reliable backups – might feel tempted to pay up the ransom rather than run into possible trouble with the authorities.

Of course, we don’t recommend paying money to ransomware extortionists. There’s nothing to say that they won’t simply raise their ransom demands even higher once they discover you are prepared to pay up.

As always, keep your security patches and anti-virus solutions updated, your wits about you, and ensure that your backups are current and working.

Laptop with pistol image, courtesy of Shutterstock.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.