A new scareware-ransomware hybrid attempts to convince users they are being sued in violation of the Stop Online Piracy Act (SOPA) and offers to remedy the problem if users purchase a fake antivirus solution.
The malware claims to have detected illegal torrent files on the computer and offers to circumvent the problem by activating an anonymous data transfer protocol, according to The Register.
SFX Fake AV was first detected by the free antivirus scanner, Malwarebytes. The malware reportedly disables any actual antivirus software on an infected machine, shuts off the Process Explorer program, and impedes browser access. It then prompts infected users to hand over their credit card information as payment for fake security solution.
“SFX Fake AV is morphing at a relatively fast rate, so it is something that signature-based vendors will have to watch out for as there will be an increasing number of variants in the wild,” Bruce Harrison of Malwarebytes told The Register. “Also, the use of Dropbox as a delivery mechanism is a something that the industry is going to have to take into account and protect against, as it is an emerging trend.”
SOPA began losing momentum late last year after the founding fathers of the Internet and a number of other prominent figures in the tech industry wrote a letter decrying the bill. SOPA was eventually shelved altogether following a loss of support from various influential corporations and a significant public outcry. Needless to say, you can’t get sued (or prosecuted) for violating a bill that never became law. But if you need a reminder of how that works, this video should help.
Similar schemes are somewhat common, though the ransomware and scareware we’ve reported on in the past generally tries to convince victims that there is something more menacing on their machine, like child pornography.