Ransomware is not new to the malware game but there is one especially dirty player that is surfacing more frequently. Damballa’s threat research team has seen infections related to the Kovter malware double over the past month – up from 7,000 infections to about 15,000 infections. As with many other varieties of Ransomware, the threat operator takes control of your computer and displays a message saying you broke the law. The ‘ransom’ is to pay a fine (typically around $300) to regain normal use of your computer. The warning states you will face severe fines and prison time if you don’t pay the fine before the deadline.
In the US, Kovter uses the prepaid card MoneyPak as the payment method of choice while Ukash and paysafecard are used for victims in other locations. These payment methods give attackers untraceable, readily accessible funds in electronic cash with no red tape.