A pornography consumer who called the police in tears is among hundreds of Australians whose computers have been hacked by cyber criminals while viewing adult websites.
According to Fairfax, foreign gangs have been holding porn consumers ransom after infecting their PCs with viruses known as “ransomware”, which includes the “ukash”, “reveton” and “trojan.ransomlock” viruses.
The cyber criminals, who falsely claim to be members of the Australian Federal Police, “kidnap” a computer user’s data and demand a ransom for its return,
In this case, they have reportedly been activating the webcams on the users’ computers.
The viruses lock the desktop and post an incriminating image of the person on their screen before warning they have breached federal laws relating to child pornography, copyright or privacy, Fairfax reports.
The hackers then demand the victims pay a fine of $100 or $199 using a credit card or money transfer service.
They are threatened that if they don’t pay the fine within 72 hours, data files on the computer can be encrypted or wiped.
But even if a consumer pays a ransom for this kind of attack, it’s no guarantee they will regain control of their computer.
There has reportedly been a flood of calls from victims to the police and the Australian Competition and Consumer Commission.
“We’ve taken some very interesting calls. Some people are very open, while others swear they have been hacked while using Facebook. We had one guy who was almost in tears because they were caught in their underpants,” a police source told Fairfax.
AFP cybercrime operations manager Commander Glen McEwan said the Australian Federal Police does not solicit funds and that these threats are not associated with the AFP.
The AFP were last year forced to issue a similar warning about a cyber attack from hackers claiming to be from the AFP after an epidemic of “ransomware” attacks swept across the world.
Commander McEwan urged victims to report any cyber fraud to the ACCC website SCAMwatch.
This comes after two South Australian businesses reported being victims of an Internet extortion scam, prompting a police warning over “ransomware” attacks, in December.
“Ransomware is a type of malicious software (malware) used to lock a compromised computer – often encrypting data on the system and preventing it being accessed by its rightful owner,” police said at the time.
“Once a system has been accessed and compromised, the criminal behind the malware will demand payment to unlock or decrypt the data.”
Last year there was a spate of Internet extortion attempts reported to police, where hackers steal or encrypt private data, or claim to have done so, and demand payment for its return.
Last year Eastern European-based hackers targeted a Byron Bay primary school, encrypting its records and demanding $5000 to unlock them.
A Gold Coast medical centre targeted by Russian hackers In December month were issued a demand for a $4000 ransom to decrypt sensitive information on a server.
A bus company in Foster, NSW, was hit in a similar attack the previous month.
A study by computer security firm NCC Group found a dramatic increase in hacking last year.
The Origin of Hacks report found there were more than 1 billion hacking attempts worldwide in the final quarter of 2012, which was an increase for the fourth quarter in a row.
Symantec’s report “Ransomware: A Growing Menace” released In November found that the style of cyber attack had spread from Eastern Europe this year.
“The malware is highly profitable with as many as 2.9 per cent of compromised users paying out,” the report said.
Symantec said a “conservative” estimate was that ransomware cyber gangs were extorting $5 million a year but said the actual figure was probably much higher.
Tips to avoid ransomware:
1. Maintain current antivirus software that is obtained from a reputable source and is regularly updated.
2. Ensure the operating system is updated to ensure any security vulnerabilities are mitigated.
3. Use strong passwords to protect personal information.
4. Limit the amount of personal information placed on the Internet.
5. Do not provide financial or other personal information to people that you do not know and trust.
6. Never click on links contained within spam or unexpected emails.
This story originally appeared on News.com.au.