Sites that come under the spell of Darkleech redirect certain visitors to malicious websites that host attack code spawned by the notorious Blackhole exploit kit. The fee-based package available in underground forums makes it easy for novices to exploit vulnerabilities in browsers and browser plug-ins. Web visitors who haven’t installed updates patching those flaws get silently infected with a variety of dangerous malware titles. Among the malware that Darkleech pushes is a “Nymaim” piece of ransomware that demands a $300 payment to unlock encrypted files from a victim’s machine.
Malware that disables computers and demands that hefty cash payments be paid to purported law-enforcement agencies before the machines are restored is extorting as much as $5 million from end-user victims, researchers said.
The estimate, contained in a report published on Thursday by researchers from antivirus provider Symantec, is being fueled by the mushrooming growth of so-called ransomware. Once infected, computers become unusable and often display logos of local law-enforcement agencies, along with warnings that the user has violated statutes involving child pornography or other serious offenses. The warnings then offer to unlock the computers if users pay a fine as high as $200 within 72 hours.
“A lot of individuals do pay up, either because they believe the messages or because they realize it is a scam but still want to restore access to their computer,” “Unfortunately, even if a person does pay up, the fraudsters often do not restore functionality.