View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Porn related malware doubles for the month

Kovter targets those who visit adult websites.

By CBR Staff Writer

The number of porn site-related ransomware, known as Kovter, has doubled during the past month from 7,000 infections to 15,000, security researchers at Damballa have found.

Kovter targets users of adult websites, taking control of their computer or mobile device, according to a blog post by threat researcher Gina Pimentel.

"The malware scans your browser history searching for adult websites and associated cached content, which it presents on the splash screen while locking your computer as ‘evidence’," she said.

Even if no adult site browsing history can be foud the malware creates that evidence by redirecting the user’s browser to a randomised porn site before logging and retrieving content.

Similar to other ransomware, Kovter takes control of computer, splashing a message that the user has broken law, scaring users that it could attract severe fines and prison.

Subsequently, it asks to pay a fine of around $300 before the deadline to continue using the system normally.

Pimentel from said like any good blackmailer, Kovter tries to shame its victims into silently paying the fine and keep their extortion attempts secret.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

"It’s important to note that paying the ransom will not remove the malware from your system or restore your computer functionality in most cases," Pimentel said.

Threat actors Kovter ransomware ask their victims to pay through MoneyPak in the US while in other locations Ukash and paysafecard are used as payment method.

"These payment methods give attackers untraceable, readily accessible funds in electronic cash with no red tape," Pimentel added.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU