PSA: Don't Kill Yourself, Literally, Over BS Ransomware
from the tragic-lies dept
We’ve talked about ransomware in the past, the process by which criminals pose as either rights holders or law enforcement to convince people that they must pay large sums of money for transgressions in order to avoid serious jail time. Copyright infringers have frequently been targets of these kinds of lies and, more recently, NSA-themed ransomware has begun to appear. While the more savvy internet user may realize that these threats are great big steaming piles of crap that can be cleansed with an antivirus program, more naive folks can understandably have the hell scared out of them and find themselves devulging credit card information.
But we’ve reached a new level of tragedy when it comes to this kind of criminal endeavor, with one Romanian man reacting to ransomware in the extreme, killing himself and his young son as a result of his machine’s infection.
The report of the tragic incident comes from the small Romanian commune of Movila Miresii which is made up of three small villages and located in Brăila County in the east of the country. Local paper Braila24 reports that Marcel Datcu, 36, hanged himself in the living room of his home along with his four-year-old son Nicusor. The report claims a suicide note left to his wife explained that the reason for taking his own life was:
“I received a warning [on my computer] that said I have to pay 70.000 lei [£13,000] or go to prison for 11 years.”
Just so we’re clear, there is obviously something else going on with this man other than his simply receiving a ransomware infection. To kill yourself is horrific enough, but to take the life of a young child over any amount of money or years in jail is tragic on a level that defies scale. I imagine there is likely a serious mental health issue at hand here, otherwise I’m completely at a loss.
With that said, nobody should pretend for a moment that the acts of malware distributors should be completely absolved in this case. The impersonation of law enforcement and threats of jail time deserve reprecussions on their own, but to have contributed to the mental breakdown of this man, which tangentially contributed to a suicide and a murder, must not go unnoticed. Many of us wave these kinds of attacks off as the cost of doing business when it comes to internet browsing. That isn’t enough.
Instead, serious educational efforts should be taken on to inform the public of these kinds of threats. The silence from those that “legitimately” engage in these threats (law enforcement, copyright trolls, etc.) is deafening. Were they smart, they’d be out in front of this story, letting everyone know that they would never engage in such malware infection as a threat tactic. Unfortunately for them, so many stories of their underhanded actions have come out that I’m not entirely sure how many people would trust them.
Still, people need to know the farce that this kind of malware is, lest we let similar tragedies like this one continue to occur.
Filed Under: overreaction, ransomware
Comments on “PSA: Don't Kill Yourself, Literally, Over BS Ransomware”
That is really sad 🙁 That poor kid I can’t imagine what his mother must be going through.
I don’t understand the reasoning behind killing the child too.
He should have hung himself first. Disgusting.
Re: Re:
So the child couldn’t be used as leverage?
Re: Re:
Maybe he figured he doesn’t want his son living without a father? Like the OP said, there is probably something else going on here. Surely he knows someone he can refer to who would be able to tell them this is just a scam.
I’ve had people go into mad panics because of Ransomware. None of them (quite) reached the point of suicide though I did have one come close. A lot of them seem to be visiting ‘iffy’ sites when they pick up the crap and then they get very very scared.
Once (and only once) I bothered to do a full exam of the computer and there was nothing illegal on it. It’s just the warnings (and they way that they are phrased) which manage to get to people, or at least it gets to the type of people who get Ransomware in the first place.
I suspect there’s a lot more to the story, but I can certainly see it happening.
I don’t condone the killing of a child for any reason, but from the logical standpoint: the man perhaps saw no other way out, and didn’t want his son to live with the imagined stigma that would be caused by him going to prison (I say imagined cause it was a malware thing), so he decided to take both their lives to escape that.
A tragedy indeed. I hope the bastard(s) who sent that malware choke on their next meal. This didn’t have to happen.
I apologize in advance if this actually was a tragedy, but my BS detector went off the charts with this one.
Looking at the current front page of IBtimes, they have stories of Lady Gaga’s eating disorders, “Flesh eating drug turns skin to scales” and “Two-Year-Old Children Watching Online Porn, Shock Survey Finds.”
I look to TD for legal/policy commentary and discussion, not color on SHOCKING REALLY TRUE EVENTS FROM REALLY FAR OFF PLACES REALLY! AND REALLY SHOCKING REALLY!!! AND SHOCKING TOO!!! REALLY!!!!!
Re: Re:
unfortunately it was a real event here in Romania. IBTimes is just of the many sites that just relayed the story:
https://www.google.com/search?q=Marcel+Datcu
http://news.softpedia.com/news/Romanian-Man-Commits-Suicide-After-Police-Ransomware-Tells-Him-He-Must-Pay-Fine-431882.shtml
and a lot of other places.
Re: Re:
Even the Daily Mail manages to fit in an article based on fact between its pages of celebrity gossip and outright lies. Sadly, this one appears to be true. The primary (Romanian language) source cited in other articles is here:
http://braila24.ro/update-primul-om-din-lume-care-s-a-sinucis-din-cauza-unui-virus-informatic-va-fi-inmormantat-azi-alaturi-de-fiul-sau-galerie-foto-35967.html
SEO fodder
And many more don’t understand the NOFOLLOW attribute does nothing abpout their SEO activities.
Re: SEO fodder
I suspect someone who knows enough to know what a Nofollow attribute is probably isn’t going to be the target market for randomware.
Don't be fool
How disgusting is this; a bullshit excuse or i can say a fool mind that took such a rubbish decision. He must be mad nothing else.
My parents are largely technologically handicapped, impaired, you name it. That said, I spent a lot of time giving them advice on how to have secure online habits (my father had the habit of opening anything in e-mails, including scam related things and mother would click anything anywhere). After patience and a lot of talking they are now virus/malware/spyware free for more than an year. When they are in doubt they call me. And I find it very healthy.
So basically we need to raise awareness yes and we need permanent, free help lines so people know where to turn to. It doesn’t take technical knowledge to be able to help. “Mister, I received this e-mail from NSA saying…”, “NSA does not send e-mails ma’am, you can discard it.” or “Mister, Bank Z sent me a mail saying I have to update my personal data with this link.”, “No Bank sends e-mails with links unless you specifically asked for. If you have doubts do not hesitate to contact your Bank.” and stuff like that. You can have general awareness campaigns too as in “If your religious friend that sends you tons of Jesus stuff sent you a power point presentation with hookers or gore chances are he was infected by a virus so don’t open it. If you aren’t sure reply asking if he intended to send that.”
Small steps would render the entirety of this “market” completely unprofitable.
Re: Re:
Small steps would render the entirety of this “market” completely unprofitable.
I agree that education is one of the solutions. The problem is that we also need to fix the problems that make it easy for these criminals to operate. It works great to tell my parents to not respond to emails that look like they are scams, up until the bank they actually use sends an email to them that looks like a scam email even though it is real and they get penalized for not responding. It works well to tell my parents to use a unique/random password for every service they use and store the password in an encrypted vault, only to have Amazon respond to a phone-call from a scammer who asks Amazon to change the password to their account and then asks them if they want access to their e-books to pay him off. Educating users not to open attachments from people they don’t trust only works up until worms start distributing themselves using address books, and many browsers make it difficult for the user to determine if the file is invoice.pdf or invoice.pdf.exe.
They can only be as secure as the services/companies they use, and quite frankly, I believe most of these companies are screwing the pooch and then blaming it on the whistle-blowers who discover the flaws and let them know about them, or ignoring the problem until millions of card numbers get published. It is just too easy for the companies to ignore security right now, because it is easier to just take the loss since the people who are actually losing the most right now are the customers.
The problem becomes far worse when the criminals are able to easily infiltrate or set up their own help-lines. How many people are roped in by the Windows Technical Support calls? The same people we want to save are the same people these criminals are targeting with their “your computer is sending signals to our server that says you are infected with a virus.”
Re: Re:
Too many laws. People, especially those who don’t understand computers, get to be too afraid of being prosecuted themselves for reporting suspicious activity.
“Was that an illegal website?” “Did I just download copyrighted material when I visited that page?” “I heard child porn could be on mt computer without my knowing about it.”
Re: Re:
I just installed Linux Mint on my mom’s desktop. Problem solved.
Since the NSA, GCHQ and other every 5-eyes intelligence service, plus others, are collecting all internet traffic in Europe (allegedly) it should be a simple matter to catch the scum-sucking sewer rats behind these attempted extortions.
Should it not?
Re: Re:
Yes, it should. Unfortunately, these scum-sucking sewer rats (great phrase) are not a priority for law enforcement anywhere in the world, nor have they been unless either (a) someone is up for re-election and needs press conference fodder or (b) they attack a corporation or a government.
As long as their efforts are directed against ordinary citizens, they can operate with near-impunity. And if they clothe their abuse in the veil of a “legitimate company” then they can quite often be incredibly successful.
Side comment on convergence of abuse
” Many of us wave these kinds of attacks off as the cost of doing business when it comes to internet browsing. That isn’t enough.”
One of the things that’s happened during the past decade or so is that the somewhat-independent categories of abuse (e.g., malware distribution, spamming, phishing, identity theft, botnet operation, DoS attacks, DNS cache poisoning, BGP attacks, network allocation fraud, etc.) have converged.
In other words, these tactics (and many others I haven’t listed) are no longer used, for the most part, independently of each other, but in combination — and the people using them are no longer isolated, but are working together. Thus for example we might see spam used to propagate malware designed to set up a botnet, or we might see a botnet used to host child pornography which in turn is used to extort the former owners of the botted computers.
I bring this up at this point and in response to the quoted comment above because the comment is dead accurate: we can’t just brush these things off. Not any more. The people behind spam and phishing and botnets are smart, aggressive, dangerous and ruthless: they are sociopaths who pose a serious threat to everyone on the Internet, often in subtle ways that are not on the radar but surface once in a while in stories like this tragedy.
Re: Side comment on convergence of abuse
I still get Nigerian scam artists trying to scam me out of money. Somehow they got my phone number and called, they got my e-mail address and started spamming me, etc… I already told them several times I’m not interested in their nonsense and there is no way in heck I’m going to send them a penny. They still never give up it seems.
Re: Re: Side comment on convergence of abuse
Incredible, I only was seeing their emails way back when I got online in 97 and I knew it couldn’t be real by default.
Scary Thing
It is tragic that people know their government has the power to issue a threat of many years in prison based on something as innocuous as visiting a website.
Re: Scary Thing
You sir, may have hit the nail on the head. When you hear about people being sued for $750,000 per song, it makes these kinds of spam notices seem very real.
Re: Re: Scary Thing
add to that extradition requests from countries for basically nothing, either absolutely minor bullshit or things that aren’t a crime where you are from and you have to wonder why this hasn’t happened yet. Or maybe it did but nobody noticed or cared.
The governments (mainly US and their lackeys) doing this and the corporations (mainly MPAA and RIAA and tehir ilk) behind this should have to take the majority of the blame here, since they are the ones who paved the way for this.
>romanian
im more surprised he could afford a computeehr. tho he was probably killed by the gypsi mafia
Re: Re:
Yes, let’s forget that Romania was ranked 5th in average internet speeds last year, and 2nd in Europe. Broadband internet is available almost anywhere, unlike the US.
I’m an American, and proud to say it, but comments like your’s have no place outside the 1950’s.
Education
This story is why I advocate for basic education before people should be allowed to use a computer or get in the internet. After all, you don’t give someone a car and tell them to go drive without any training.
Second, how are people getting these infections? If they’re clicking on “invoice.pdf” when it’s really “invoice.pdf.exe”, then shouldn’t some of the blame fall on Microsoft for hiding the actual file type?
Third, I would tell people to never, ever click on a link that comes from a “bank” or PayPal. Even if it looks 100% legit, always open a new browser window, log in, and check your account.
The one time you think it’s safe to click a link will be the one time your computer gets infected.
Re: Education
“After all, you don’t give someone a car and tell them to go drive without any training.”
Actually, in some states, you can. If you manage to pass the tests, they give you your driver’s license. In California, you have the practical test with the DMV agent, but they can be fairly lenient. I know of a few people who never took driver training classes, but studied the book, passed the written test, barely passed the practical, and have been driving for 20 years now (and some of them I will not ride with because they are really, really dangerous.
But even then, there are many things from a security standpoint that you never hear in college computer classes. In my CS curriculum, there was only one class I took specifically related to security, and it was mostly cryptography, and a couple classes indirectly related to security (networking, system admin.) I had to learn to hack and defend myself, on my own.
“If they’re clicking on “invoice.pdf” when it’s really “invoice.pdf.exe”, then shouldn’t some of the blame fall on Microsoft for hiding the actual file type?”
Microsoft should bear most, if not all, of the blame. If you are going to hide something from me, the user, you better have a really good reason for doing so. Which is why I don’t use Microsoft at home. I never have a problem with seeing invoice.pdf.exe (and with WINE locked down, it won’t run .exe anyway.)
“Third, I would tell people to never, ever click on a link that comes from a “bank” or PayPal. Even if it looks 100% legit, always open a new browser window, log in, and check your account.”
I wouldn’t either. Well, at least until I got a bank that only supported their online stuff through email (you had to go through so much effort to get a live support person on the phone, and even then, the person you got was from half way around the world and couldn’t understand what you were asking for even though both of you spoke English,) and they would send you important stuff like temporary passwords through unencrypted email with links to change your password (from one of the largest banks in the US.) When you have no control over who your mortgage gets sold off to and the only way to get away from them is to spend more money to refinance your loan, only to get sold right back to them, sometimes you have to change your standards.
:..Don't Kill Yourself, Literally, Over BS Ransomware"
Ransom-ware is only done by criminals. Which means, if they contact me for payment.. They will only receive the first wave of my bullets. 5,000 rounds of “Hey! Thanks for stopping by MF!” Death to ransom-ware developers. I mean it, Literally. Law-enforcement will only be contacted after the fact, due to their piss-poor response times.
Re: :..Don't Kill Yourself, Literally, Over BS Ransomware"
When seconds count, the cops are only minutes away!