A new malware poses as SOPA alert

Sophos engineers have warned that a new ransomware claiming to be an alert from the “Stop Online Piracy Automatic Protection System.” is spreading like fire.

“It goes on to tell you that your computer is on a ‘S.O.P.A. IP Black List’ because it was used to download copyright infringing materials, child pornography or illegal software,” according to Sophos’ Chester Wisniewski. “The malware encrypts all of your data files and holds them hostage, offering to decrypt them if you pay a fee to the criminals.”

“Now that the unwitting virus victim is terrified, the program goes in for the kill by warning that those who ‘don’t pay the fine within 72 HOURS at the amount of 200 USD all your computer data will be erased,’” said Betabeat’s Steve Huff. “The ransom can be paid by a prepaid MoneyPak voucher or Western Union, depending on the victim’s location.”

“The Stop Online Piracy Act, or SOPA, was defeated in Washington earlier in 2012 largely in part to a massive online blackout that encouraged websites to voluntarily shut down in protest of a law that would have reshaped the Internet and sanctioned outlets and users alike for unauthorized redistribution of any copyrighted material, including homemade karaoke clips, videogame walkthroughs and other streaming content,” RT wrote.

“In the same way that phishing emails often appeal to a victim’s emotions or expectations of a future event — consider the tax rebate, student loan company mistakes or banking communications we receive on a daily basis — it seems that virus makers are also jumping on the social engineering wagon,” according to ZDNet’s Charlie Osborne.

“The worst part about these scams is that paying won’t solve anything,” WebProNews’ Zach Walton said. “They want your money and your data. By paying, you’re just giving them access to both. Thankfully, these kind of viruses are also incredibly easy to remove. There are many ransomware removal walkthroughs available, but this one from YooCare has proven to be the easiest to follow.”