Security researchers at Symantec recently discovered a new piece of malware that, believe it or not, incorporates a number of themes from the hit TV show Breaking Bad. The malware itself primarily affects users in Australia and represents a new strain of an existing ransomware trojan dubbed Trojan.Cryptolocker.S.
The ransomware, which only targets Windows machines, operates by encrypting all of a user’s files and subsequently demanding a timely payment of $450 Australian Dollars (about $355 in U.S. dollars) to decrypt them. Failure to promptly make the $450 payment results in the decryption fee rising to $1000 Australian Dollars.
As the image below demonstrates, the message alerting users that their machine has been compromised prominently features the logo of Los Pollos Hermanos, the famed fictional restaurant that drug kingpin Gus Fring used as a front company throughout the series.
You’ll also notice that the supplied email for “support related inquiries” incorporates the name “theonewhoknocks”, an overt reference to one of Breaking Bad’s most iconic and memorable scenes.
Symantec notes that the ransomware likely proliferates via old-fashioned social engineering techniques by masquerading as a benevolent .zip file whose file name features “the name of a major courier.” Once the file is opened by an unsuspecting user, the ransomware is downloaded and installed onto a victim’s computer.
“The malware encrypts files using a random Advanced Encryption Standard (AES) key,” Symantec notes. “This key is then encrypted with an RSA public key so that victims can only decrypt their files by obtaining the private key from the attackers.”
Interestingly enough, once affected users hop to a payment page, the attackers link to a video tutorial that explains how one might acquire Bitcoins. Almost comically, the payment page includes the following piece of advice: “Note: When speaking to the Bitcoin exchanges its wise not to mention that you are paying for a ransom, they may refuse you.”
As usual, the best way to avoid being hit with this Breaking Bad-themed malware, or any type of malware for that matter, is to not download any type of unrecognized or suspicious file from the Internet.