A publication from BleepingComputer reports that a man known as “Pornopoker” has been arrested by Russian authorities, for writing and distributing ransomware. His real name is yet to be released.
Pornopoker, allegedly a 40-year-old man from Volgograd, Russia, was arrested at the Domodedovo International Airport, located near Moscow. He was caught by Russian authorities after he returned from Thailand where he was hiding.
Officials reportedly arrested an accomplice Pornopoker worked with, although no details regarding the arrest have been provided at the time of publication. According to the Ministry of Internal Affairs of the Russian Federation, Pornopoker admitted he was guilty, and voluntarily handed over his computer and SIM cards used to practice illegal activities.
A video of the 40-year-old ransomware master’s arrest can be found on YouTube:
His ransomware locked users’ computers and displayed a message perpetrating to be from Russian authorities: either from the police(MIA), the Secret Services (FSB), or from the Federal Bailiff Service. Users were told in the message they had to pay a fine as they had watched pornographic materials. After the payment, they would then be allowed access to their computers.
The Russian Ministry of Internal affairs warned its citizens not to pay criminals anything, as authorities would never lock a computer or a mobile device demanding payment in return. Such messages derive from either malware or a compromised website. The Ministry closes its announcement with a piece of advice to internet users: take security seriously and use security software whenever browsing the internet. In can prove crucial in some situations.
Ransomware’s popularity has surged
Ransomware has been pretty much everywhere this year, with several major instructions having to pay to see their data freed from the shackles of extorters. Among them, there are several hospitals who, due to their nature, pay up pretty quickly. According to a report from McAfee Labs Threats Report, healthcare providers had to pay over $100.000 to ransomware masters in the first quarter of the year.
Locky ransomware, for example, has been known to spread around through social media, in files opened by unsuspecting victims, which then lead to an encrypted computer and a $365 bill to unencrypt it. This has been made possible by vulnerabilities on Facebook and LinkedIn that allowed infected files to be uploaded and distributed.
Another report published by Motherboard claims popular ransomware Cerber made $195.000 in a single month, which would translate to over $1 million a year. The report even claims all of this money can be made by unskilled individuals who purchase the software in order to make a profit, even though the report states only about 0.3% of victims grab their wallets to pay.
A lot of cybersecurity companies such as Kaspersky Labs have already developed anti-ransomware tools, but these aren’t yet effective against every type of advance ransomware software out there. A much better method is to simply arrest the ransomware masters, just like Pornopoker.