New frightening ransomware uses sextortion tactics to force victims to e-mail explicit photos of themselves to an address named after an ex-porn star to regain access to their files.
Called Ransomwared and with the extensions .ransomwared and .iwanttits, the new malware requires topless photos to be sent to a Sasha Gray email address so that the owner’s files can be re-released.
Sasha Gray is a former extreme porn star that was used in 2015 in fake Russian news.
Cyber security company Emsisoft was informed of the threat of the new ransomware brand with its shady and operational demand and has released a new free decryption tool to help victims combat the ransom request.
Victims are asked to send nude photos to an email address named Sasha Gray, a former porn star who found her photos in Russian fake news in 2015
The first pop-up message from Ransomwared asking for explicit photos of victims
The following pop-up screen reads: “You are ransom! To restore your files, email us your t-ts to firstname.lastname@example.org ‘because it tries to put pressure on victims to send topless photos
Typically, ransomware attacks a computer or smart device by encrypting files and demanding payment in bitcoin or another cryptocurrency for return to the victim.
According to Emsisoft, the new sextortion scam presents a pop-up message about malware on the infected computer asking victims to email photos of their breasts to retrieve their files.
“The variant was probably made as a joke, but it doesn’t make it any less problematic for those affected,” Emsisoft threat analyst Brett Callow told Fast operation.
The Ransomwared pop-up is’ You are f —- d ‘before you continue’ Files are encrypted. Sow me your t-ts to decode it ‘.
The following pop-up screen continues: ‘You are ransom! To restore your files, email us your t-ts to email@example.com ‘.
Sasha Gray, 31, is a famous former adult film actress who was named female artist of the AVN Awards for the American Adult Video Industry in 2008, and won a total of 15 prizes for her work between 2007 and 2010
She made her more mainstream feature debut in 2009 in the film “The Girlfriend Experience” by Steven Soderburgh and appeared as a fictional version of herself in the television program “Entourage” after she withdrew from porn from 21.
Actress Sasha Gray quit porn at the age of 21, but is now dropped in the name of a new ransomware that requires explicit photos of yourself in exchange for unlocking your files
The actress got a hit on the Russian fake news using her 2015 image on Twitter
In 2015, the former extreme porn star also found itself as “Russian fake news.”
Her photo was used in VK (VKontakte), Russia’s response to Facebook, and claimed that she was a nurse named Sasha Serova who died in the struggle between Ukrainian troops and pro-Russian separatists in the Donbas war.
In response, she tweeted: “I love my Russian fans, but this propaganda goes too far. News that I was a NURSE killed in the conflict between Russia and Ukraine. # F – kpropoganda ‘.
Emsisoft shared photos of different breeds of the bird named tit because it joked that the ransomware does not know exactly what they are asking for in the malware pop-up window
Cyber security company Emsisoft has developed a decryptor to release files from Ransomwared without the victim having to e-mail explicit photos of themselves
Emsisoft jokes that they do not know for certain whether the new Ransomwared threat actor wants ‘body parts or birds – but we suspect the first – and we also do not know for sure how the actor would know whether these body parts / birds actually belong to the victim’.
They continued the joke on Twitter, shared a photo of a breed of tit, and wrote: “To unlock files that are encrypted by. iwanttits, you don’t have to send a bitcoin – just a photo of your t-ts. If you would rather do that than use our decryptor, here’s a photo that you can use. ”
Nevertheless, victims are not forced to send, Emsisoft has released a new, free decryptor for Ransonwared that releases files without victims having to comply with the ransom request.
This is not the first time ransomware has requested nude photos in exchange for decoding files.
In 2017, a blocker named nRansom also excluded users from their computers and demanded that ten explicit photos be sent to an email address to gain access.
The malware claimed that it could verify that the photos sent were of the victim before the access codes were sent.