Website malware is something that we have covered quite frequently on this blog, but generally, it can be avoided with careful browsing habits and awareness of the types of websites you visit. Unfortunately, that can’t be said any longer. On December 31st, Cyphort Labs, a cybersecurity firm, detected a malware infection on the Canadian website for the Huffington Post. The security firm later confirmed that the malware was also present on several other mainstream websites.
The malware in question is a variant of one of the more frightening viruses to arrive in recent years called Ransomware. Once infected, the Ransomware virus takes complete control of a user’s computer and locks down all data before restricting a user’s ability to make any changes. American computers infected with the virus receive a fake message from the FBI. Those in France see one from la Police nationale and there are custom messages for Germans, Turks and U.K. residents as well. The purpose of the malware is to use scare tactics to extort money from users who are tricked into believing that their government has found illegal content on their computer. The message is clear, pay the associated fee for your (often embarrassing) crime, or face public prosecution. Unfortunately for those users who fall victim to the ploy, even if they do pay the fee, their computers will remain locked. The only good news is that unlike the more destructive CryptoLocker malware variants, Ransomware does not encrypt your files and is completely recoverable.