New ransomware demands victims donate to the poor to unlock their data

Security researchers have identified a new kind of ransomware that forces victims to donate to the poor to recover their data.

Unlike typical ransomware, which cyber criminals use to extort money from people, this one – known as GoodWill – gives victims a choice.

In order to obtain the decryprtion key, they must choose to either donate clothes to the homeless, take under-privileged children to one of a number of restaurants for food or provide financial assitance to anyone needing medical attention that can’t afford it.

In each case, photos or videos of the action must be recorded and posted to social media as proof.

Only then, will they have their data returned to them.

The ransomware was uncovered by cyber security firm CloudSEK in March 2022. In a report detailing the discovery, the firm acknowledges that the people behind the virus are motivated by ‘social justice’ rather than money.

‘As the threat group’s name suggests, the operators are allegedly interested in promoting social justice rather than conventional financial reasons,’ the report stated.

‘The actors suggest that victims perform three socially driven activities in exchange for the decryption key: Donate new clothes to the homeless, record the action, and post it on social media; Take five less fortunate children to Dominos, Pizza Hut or KFC for a treat, take pictures and videos, and post them on social media; And provide financial assistance to anyone who needs urgent medical attention but cannot afford it, at a nearby hospital, record audio, and share it with the operators.’

What is ransomware?

A laptop displays a message after being infected by a ransomware (Credits: Getty)

Ransomware is a type of computer virus that takes over a victim’s PC and then locks them out of their own system.

It will often encrypt or steal files from the user until a ransom is paid – often this is asked for in untraceable cryptocurrency.

Ramsomware can be small, targeting just a few isolated users, or large – infecting entire companies or governments.

Nowadays, ransomware is common and deployed freely by hackers. It first gained mass conciousnes when it brought the NHS to a standstill in 2017.

During that attack, a type of ransomware called WannaCry infected 200,000 computers in over 150 countries.

NHS England reported at least 80 out of the 236 trusts were affected by the cyber attack and locked out of their systems. In addition, 603 primary care and other NHS organisations, including 595 GP practices were also affected.

The WannaCry incident ended up costing the UK £92 million, with global costs of the malware adding up to a whopping £6 billion.

According to the team at CloudSEK, they traced the group behind the ransomware back to an ‘India-based IT security solutions & services company’.

It’s unclear how prevalent the GoodWill ransomware is and how many, if any, have complied with the demands.

Source: Read Full Article