Do not click on links or popups saying you are infected….

Do not click on links or popups saying you are infected….unless you talk to your local Dental IT provider.

A new variant of the Malware Protection ransomware has been released called Anti-Child Porn Spam Protection. This ransomware pretends to be from a legitimate government organization that states that the infected computer is sending out SPAM that contains links to child pornography sites. The ransom program then states that in order protect yourself, and others, it has encrypted your data using Advanced Encryption Standards, or AES, encryption. Just like the Malware Protection and the ACCDFISA Protection Program variants, these files are not actually encrypted but are password protected files. The hackers then require you to send them a Moneypak, PaySafeCard, or Ukash card for values ranging from $500 – 1,000 USD in order to get the password for your files.

Anti-Child Porn Spam Protectionscreen shot

When first run, this program will scan your computer for data files and convert them to password protected files.  It will then delete the original files in such a way that they cannot be undeleted using file recovery tools.   It will launch a program that also blocks access to your Windows environment.

Unfortunately, at this time there is no method to create the passcodes, though one may be created in the future.

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply