In association with heise online

08 May 2013, 11:03

Child pornography trojan becomes more aggressive

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

German trojan icon

Anti-Botnet Advisory Centre, a German anti-botnet advisory service, reportsGerman language link that a new variant of the BKA trojan attempts to blackmail the owners of infected computers with four pornographic pictures of children. The trojan claims that the owner has been found to be involved in illegal activity such as the "reproduction of pornographic material involving minors" and locks down the computer.

The computer actually does contain child pornography at that point – the trojan downloaded the pictures itself. To suggest an ongoing investigation, the malware displays the alleged names and dates of birth of the children in the four pictures. Users of infected systems will also see themselves, if the trojan detects a webcam. To avoid prosecution, victims are told to pay €100 (approximately £85) to the blackmailers via Ukash or paysafecard. Victims should, of course, do no such thing as the money will go straight into the criminals' pockets. Instead, infected systems should be checked with a virus scanner.

BKA trojan screenshot
Zoom The latest malware variant displays the logo of the BKA press office

The German anti-botnet advice centre recommends HitmanPro, an on-demand scanner that apparently also deletes the photos that the trojan has deposited on the system. In a quick test by The H's associates at heise Security, however, it turned out that this software may unnecessarily create worry with inexperienced users by reporting on a multitude of tracking cookies. If a system can't be disinfected with HitmanPro or another anti-virus program, a system restore will remove the malware from the computer.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit