01.03.08
Seychelles offshore company Global Voice threatens the world with new RansomWare demanding money for unlocking PC
This week a security researcher has warned the public that new “ransomware” locks up one’s PC and then demands USD 35 from the user to unlock it.
Alex Eckelberry, CEO of US security developer Sunbelt Software Distribution, said that the extortionists ask victims of the Delf.ctk Trojan horse to dial a 900 number, and added that the number they tell can be traced to a payment processor also used by hardcore pornography websites in order to charge for access to their content, and this processor is named “passwordtwoenter.com”.
According to a search on Google, the 900 number points to passwordtwoenter.com, which is a website registered to Seychelles offshore company Global Voice S.A. with registered address at Suite 13, First Floor, Oliaji Trade Center, Francis Rachel Street, Victoria, Mahe, Seychelles. This is a registered address of Seychelles offshore agent Mossack Fonseca & Co (Seychelles) Ltd.
Eckelberry informed that users infected with the Trojan see a full-screen message, which looks like an error generated by Windows. He also provided the wording of the message to help PC users recognise the virus. The wording is as follows: “ERROR: Browser Security and Antiadware [sic] Software component license exprited [sic]. Surfing PORN, ADULT and some other kind of sites you like without this software is dangerous and threatens with infection of your computer by harmful viruses, adware, spyware, etc.” The message includes update window that tells to click to activate new license. This leads to another screen that tells US users to dial a 900 telephone number as well as enter a personal identification number (PIN). If the number indicated on the page does not work, users get the instructions to dial alternate numbers - one of them is located in the West African nation of Cameroon, while the other is a satellite telephone number. After the Delf.ctk Trojan horse installs and runs, the user is completely locked out of the system, and, to return control of the PC, the user has to pay up dialing the number.