Slashdot Mirror

← Back to Stories (view on slashdot.org)

Scammy Tech Support Sites Now Serving Up Ransomware (csoonline.com)

Posted by samzenpus on from the from-bad-to-worse dept.

itwbennett writes: One holds your files hostage, the other overcharges to fix nonexistent computer problems. And now they may be working together. On one scammy tech support site seen by Symantec, an iframe hidden on the page redirected to the Nuclear exploit kit, a popular one used to spread malware. What is unclear is whether the people running tech support scams are working with those who create and rent out the use of exploit kits and associated infrastructure or if the tech support websites have been compromised in order to redirect visitors to exploit kits. Either way, it could add up to a very big headache for anyone who falls for the scam.

14 of 43 comments (clear)

  1. People are people by the_Bionic_lemming · · Score: 1

    People buy alarms for houses and cars and maintain them. People buy dogs and run out and get help training them.

    Then there are the people that don't care about maintenance or learning how to maintain - and that's why a system that just restores factory fresh with the touch of a coupe of buttons is the best option for them.

    Frankly, as having been the "go to" family member to fix this crap - after 20 years, I'm sorta glad that they just reset their stuff and leave me alone.

    --
    _ _ _ Go for the eyes Boo! GO FOR THE EYES!
  2. A hidden iframe redirects to the ransomware ... by nickweller · · Score: 1

    "On one scammy tech support site .. an iframe hidden on the page redirected to the Nuclear exploit kit, a popular one used to spread malware"

    Are you not allowed to tell us what Desktop Operating System platform this maware runs on.

    1. Re:A hidden iframe redirects to the ransomware ... by nukenerd · · Score: 1

      Why does it matter? There really isn't any reason why the OS is relevant here. [blah blah blah etc]

      Calm down. A "Nuclear exploit kit" was mentioned. The GP asked what platform it ran on. Now can we have an answer?

      There's ransomware that runs on Linux.

      All the more reason to answer the question.

    2. Re:A hidden iframe redirects to the ransomware ... by nukenerd · · Score: 1

      You conveniently omitted the fact that Linux users are not terribly likely to run random binaries downloaded from questionable websites.

      In fact I have. A very polite and helpful Indian gentleman phoned me recently and warned me that I had a virus - and kindly offered to remove it. I followed his instructions to the letter, including downloading something called "Team Viewer". I watched with interest as he then opened a command line session and did things I did not understand. I realised why software companies are out-sourcing to India as these guys are obviousy very clever with computers.

      Afterwards I deleted that virtual machine image, which was for sandpit use anyway, and restored an earlier snapshot.

  3. Re:Ban encryption without backdoors by Anonymous Coward · · Score: 1

    It would also make it super easy to check and make sure someone's not being like, a pedo or communist or a Jap sympathizer, and we all know that the only people who would ever encrypt their computers are criminals or enemies of the state.

    Hell, we should just outlaw encryption entirely. It's double plus ungood to prevent law enforcement from looking at whatever they like at any time. Remember, the police are your friend!

    (Offer does not apply to certain socioeconomic classes, void where prohibited, Anonymous Coward Industries claims no warranty in the event that the police turn out to be, in fact, not your friend.)

    And hell, after we've violated your fourth and second amendments enough in this way -- yes, second, because you have the right to defend yourself with arms, not just firearms -- it'll be a simple matter to outlaw outdated concepts such as guns, curtains, or locks. After all, the police are our friends, and they may need to look in at us at any time of the day or night that they want.

  4. Re:Only LUDDITES get ransomware! by Anonymous Coward · · Score: 1

    Applebee's presents APP NIGHT! Get a choice of your favourite app and download our Applebee's app with your app! Choose any app, any app and app away!

  5. Neat... by profke · · Score: 1

    Going to a scamming site for tech support will actually ensure you need some...!

  6. The worthless Symantec link by scdeimos · · Score: 4, Informative

    Loading your Community Experience

    Fuck your community experience, I just want to read the blog entry. Javascript required? No thanks.

  7. Re:Ban encryption without backdoors by kubajz · · Score: 1

    It would help law enforcement track criminals such as terrorists and those who orchestrate scams such as ransomware. If they couldn't communicate with unbreakable encryption, it would be much easier to bring these criminals to justice and it would keep all of us safer.

    Yes but please be aware of the fact that so far there have been no cases where weak encryption would help, or strong encryption would hinder the terrorists. And in Paris, they apparently communicated through unencrypted SMS messages.

    Backdoors could also be used to unencrypt data that criminals encrypted with ransomware, allowing victims to recover their data without paying exorbitant prices to criminals.

    Unfortunately this would also allow criminal to unencrypt data that banks encrypted for their customers, or sensitive personal data that companies or government organizations are storing about people.

    Imagine how bad things would get if terrorists or hostile governments got hold of the backdoor access. How about companies installing backdoors for THEIR governments or just for their own corporation? How about if anyone in law enforcement decides to misuse the backdoors to find dirt on a political opponent? And finally - there is no way to stop unbreakable encryption, as long as one-time coding pads exist; so in each case, determined terrorists are not going to be hurt by this.

    So yes, there may be some reasons in favour, but I feel like more are against.

  8. Re:Ban encryption without backdoors by ElectricHellKnight · · Score: 2

    There are a couple of good reasons why all encryption should have backdoors. It would help law enforcement track criminals such as terrorists and those who orchestrate scams such as ransomware. If they couldn't communicate with unbreakable encryption, it would be much easier to bring these criminals to justice and it would keep all of us safer. Backdoors could also be used to unencrypt data that criminals encrypted with ransomware, allowing victims to recover their data without paying exorbitant prices to criminals. This is yet another good reason why all encryption should have backdoors that are available to the government.

    Most trolling nowadays is just terrible. This one works because it has excellent grammar and is actually semi-believable. My compliments. This is how it's done.

  9. Re:Ban encryption without backdoors by Zontar+The+Mindless · · Score: 1

    Back doors eventually become front doors.

    --
    Il n'y a pas de Planet B.
  10. Surprised? by gsslay · · Score: 1

    Amazing. It's like you imagine the scam tech support criminals would draw the line at ransomware, and the ransomware criminals would find tech support scamming morally beyond the pale. And never the two shall meet!

    They're criminals. Is it really such a surprise they will employ any method available to steal money from their victims?

  11. Better acronym by chris-chittleborough · · Score: 2

    The Symantec article uses the acronym PUA for "potentially unwanted application".
    I wish they had used the word "software" instead of "application".

  12. Scammers have day job at symantec by truck_soccer · · Score: 1

    If you've ever had the privilege of talking to one of these ESL scammer techs, you can hear them working in a loud call center. This leads me to believe that there is either a huge office building where people go to work as criminals, or they are actually support technicians working outsourced jobs for Big Software, and are doing the scamming on the side for extra coin. I could just be overthinking this and they're just some guy sitting in a smoky room playing a "call center sounds, compilation 3" cassette through a loudspeaker.