What is nRansomware? New malicious malware demands nude photographs instead of Bitcoin

Hyacinth Mascarenhas

Security researchers have discovered a new ransomware dubbed nRansomware that encrypts a victim's files and demands nude photographs instead of Bitcoin in exchange for a decryption key. Ransomware is a particularly nasty type of malicious software used to extort money from victims.

Researchers at MalwareHunterTeam spotted the malicious malware and posted a screenshot of the message displayed on a victim's computer screen when infected, Motherboard first reported.

Trending: Uber stripped of licence to operate in London

"Your computer has been locked," the ransom message reads before asking the victim to email the hackers. "We will not respond immediately. After we reply, you must send at least 10 nude pictures of you. After that, we will have to verify that the nudes belong to you.

"Once you are verified, we will give your unlock code and sell your nudes on the deep web."

Don't miss: Bill Gates reveals the one thing he regrets about Windows

The message is displayed on top of a background filled with several images of the popular fictional children's character Thomas the Tank Engine along with the text "F**K YOU!!!" in bold.

Researchers also noted that the malware seems to play looped music in the background from a file called your-mom-gay.mp3 which is actually the theme song of the HBO Show "Curb Your Enthusiasm".

Most popular: Are you being watched? Government spy tool found hiding as WhatsApp and Skype

Motherboard reported that the malware appears to be legitimate with the file "nRansom.exe" classified as malicious by multiple antivirus engines, including VirusTotal and Hybrid Analysis.

It is still unclear if and how many people were hit with the new ransomware, who the perpetrators behind the malware are and how serious are they on their threats to acquire and sell the nude photos acquired from their victims.

IBTimes UK has reached out to MalwareHunterTeam for comment.

In the first half of 2017, two major outbreaks – WannaCry and NotPetya – infected tens of thousands of computers globally and crippled businesses in more than 100 countries.

A recent study revealed that approximately 5% of small-to-mid-sized businesses (SMBs) around the world were hit by ransomware this year with an estimated $301m paid to ransomware hackers from 2016-17.

FedEx, whose subsidiary TNT Express was significantly disrupted by the NotPetya cyberattack in June, revealed it cost the company an estimated $300m in lost earnings.

Meanwhile, hackers have targeted a slew of celebrities in recent years in a number of celebrity photo-hacking scandals, leaking private nude images and personal information online.

In June, threat actors going by the name "Tsar Team" infiltrated the servers of the Grozio Chirurgija chain of plastic surgery clinics in Lithuania and published tens of thousands of "before-and-after" images and some nude photos of plastic surgery clients and their private data. The hackers demanded up to £2,000 to have the files removed.

"We don't want any glory from it," one of the hackers told IBTimes UK. "We just want to live a better life, hacking is just good business for us."

In light of the new ransomware demanding nude photos rather than money, Adam Katz, technical leader in threat research at Cisco's Talos Security tweeted, "Ransomware w/ foul-mouthed Thomas the Train holding your data ransom for... nude selfies? This unfortunately feels like the tip of an iceberg."


You may be interested in: