NSA-themed ransomware exploits recent government leaks to scam PC users

FBI-themed ransomware has been around for a long time, scaring non-tech savvy computer users into believing the government agency had identified them as violating various laws, threatening jail time if a "fine" isn't paid immediately. While many have fallen prey to the scam, never before have users been so vulnerable towards believing the nature of these attacks as now, in light of a myriad of leaks showing government spying on domestic data. Scammers have taken advantage of this public fear, generating NSA-theme ransomware telling users they've been pegged for various crimes under the PRISM program.

The latest variety of ransomware works the same way the FBI-themed version does, infecting a computer and locking the browser down so that one cannot get rid of the warning screen. The malware offers both a picture of police officers and logos for the NSA, FBI, and the Justice Department, including a large logo reading "NSA Internet Surveillance Program PRISM Computer Crime Prosecution Section".

Users are advised that their computers have been locked "due to suspicion of illegal content downloading and distribution," and also includes some lewd images allegedly found on the user's computer. Tossed into the mix is some official looking U.S law codes relevant to the topic, as well as "collected technical data" showing the user their IP address, country of origin, and operating system.

Users are told they will be sentenced to between 6 months and 10 years in prison and be fined up to $250,000 USD if they fail to pay a "mere" $300 fine. If the fee is paid, they're advised their "case" could be classified as "occasional/unmotivated" and they won't be punished further. Of course, the fine is paid via MoneyPak, and the users are advised of various retailers where they can buy it.

If the fee is paid, the ransomware stops blocking their browser, making it seem even more official. Of course, a sensible look at the page shows many indicators that it is false, but to those who know little about computers or who have heard mention of the NSA and PRISM, the hijacking could be enough to prompt one to drain a few bills from their checking account.

SOURCE: TechDirt