Political Themed Ransomware is Finally Here
Trump and Clinton Ransomware Hits the Internet
Cristal M Clark
I’ve actually been wondering where our political themed ransomware is, like scammers have literally tried everything else right? Well the good news is, political themed ransomware is finally here.
Cisco Talos Group discovered a payload named Trump.exe meaning that malware developers have finally begun to add some politics in with their malicious payloads.
Cisco Talos found the politically-themed payload while investigating a recent MalSpam campaign, then they decided to look into other malicious programs that contained political references or themes and found hundreds of other examples.
The Talos Group discovered a ransomware called the “Donald Trump Screen of Death,” which is a screen locker. The screen locker attempts to lock users out of Windows while showing them various pictures of President Trump, which gives me daymares honestly.
They also found a program called the Trump Crypter which is used to obfuscate malware code so that it cannot be detected by security software.
This actually has been going on for just a little while.
Does anyone remember the “CIA Election AntiCheat Control” that had been discovered back in 2016, that showed a picture of Hillary Clinton and Donald Trump that told victims to send $50 or their vote in the upcoming election wouldn’t count?
Then there’s the harmless program called Dancing Hillary that allowed users to make Hillary Clinton dance.
President Barack Obama’s likeness has sadly also been used by malware developers to create an injector with an Obama theme. This injector can be used to inject malicious code into legitimate processes in an attempt to evade security software.
And because 2020 is an election year, my guess is we are going to start to see a hell of a lot more of this going around.
Cristal M Clark