Security experts are cautioning computer users that they could be targeted by a malicious SOPA “ransomware” virus that rekindles the witch-hunt targeting information sharing introduced last year by congressional lawmakers.
Hackers have brought the failed Stop Online Piracy Act back to center stage, this time by distributing a virus that demands the owners of infected computers pay a $200 fine for sharing copyrighted files, lest they want their hard drives destroyed.
The Stop Online Piracy Act, or SOPA, was defeated in Washington earlier in 2012 largely in part to a massive online blackout that encouraged websites to voluntarily shut down in protest of a law that would have reshaped the Internet and sanctioned outlets and users alike for unauthorized redistribution of any copyrighted material, including homemade karaoke clips, videogame walkthroughs and other streaming content. SOPA was shot-down before advancing far enough on Capitol Hill to earn itself on US President Barack Obama’s desk, but hackers are capitalizing on the scariness of SOPA by distributing a damning virus under its name.
An unknown number of users have so far been stuck with receiving ransomware perpetrated to be part of the “Stop Online Piracy Automatic Protection System.” After being infected with the virus, a screen tells victims, “your computer is locked,” all data has been encrypted and that only by paying a $200 ransom will they have their hard drives remotely returned to their previous state.
According to both a text warning and a splash screen sent along with the virus, victims are told that they have been added to the “SOPA Black List” for downloading or distributing either software, audio or video files protected by current copyright law, or for sharing materials illegal under in the US (such as child pornography or phishing software).
“As a result of these infringements based on Stop Online Piracy Act (H.R. 3261) your PC and files are now blocked,” the warning reads. From there, victims are told to buy a $200 voucher from any retailer that sells Moneypak-brand prepaid cards, then send the ID number associated with that account to an email addressed hosted as sopasystem.com.
“In 24 hours we will send your unlock code once payment is verified,” the hackers write. “Then enter your unclock code that you received by email from us and click UNCLOCK. Your computer will roll back to the ordinary state.”
“WARNING!!!: If you don’t pay the fine within 72 HOURS at the amount of 200 USD, all your computer data will be erased.”
Security specialists have since published several routes to remove the ransomware but warn that failing to free infected computers from the virus as quickly as possible could lead to future problems with performance. Don’t be deterred if you receive a separate sort of warning along the same vein sometime soon, though — the biggest telecom companies in the US say that they will begin imposing sanctions on customers caught sharing copyrighted material before the end of 2012 using a “six strikes” program that has been in the works for the last several years.