A City of London cybercrime unit – the National Fraud Intelligence Bureau (NFIB) – has issued a warning for TorrentLocker ransomware disguised to look as if it’s sent from UK institutions and corporations such as the Ministry of Justice, Home Office, and British Gas. TorrentLocker is malicious software that holds a computer for “ransom” until a certain amount of bitcoin is paid.
TorrentLocker is a clone of CryptoLocker, and as such works in a similar manner. Unsuspecting targets of TorrentLocker are usually sent an e-mail, and tricked into opening and installing an attachment. Once they have done that, the malware locks up the computer by encrypting all the files on it. It’s only after the victim pays a set amount of bitcoin to a certain bitcoin address that the computer is unlocked.
Furthermore, this latest TorrentLocker malware has an additional feature as well. Instead of just attachments, the new e-mails also include links to a web page. If this link is followed, users are asked to fill in a CAPTCHA box with the code provided. And once this code is submitted, TorrentLocker will automatically download onto the targeted computer to – similarly – encrypt all files and demand a ransom.