
Guy outsmarts tech support scammers; tricks them into installing ransomware

Would-be victim social-engineered scammers into downloading a virus disguised as an image

Few instances in life are as satisfying as turning the tables on online scammers and outsmarting them at their own game. Tech support scammers are among the most despicable of these, conning inexperienced computer newbies into forking over hundreds of dollars to fix problems that never needed fixing in the first place, or worse, were caused by the scammer himself. But occasionally, the stars align in a fit of cosmic irony, and the scammer crosses paths with an actual tech pro who decides to have a little fun at the fraudster’s expense. Unfortunately for them, tech enthusiast Ivan Kwiatkowski’s idea of fun didn’t involve something as coy as wasting the scammer’s time, but socially engineering them into installing ransomware on their machine.

After Kwiatkowski’s panicked parents accidentally stumbled on a fake website claiming that a virus had infected their computer, he decided to boot up an old Windows XP virtual machine and call the listed number. “Dileep,” the person who answered the call, goaded Kwiatkowski into downloading a remote-assistance client before attempting to demonstrate his “technical expertise” by literally typing “1,452 viruses found” into the Windows command prompt — complete malarkey. Once the virus was “removed,” Dileep proposed that Kwiatkowski purchase a €299.99 (roughly $335) “tech protection package” to prevent future outbreaks.

Kwiatkowski continued playing along, feigning surprise and ignorance, and reassured Dileep that an “important businessman” would accept the charges. A number of false credit card numbers were submitted but, obviously, none worked. After a second batch proved equally futile, the fed-up “tech support agent” went to fetch his “manager” to figure out a solution. At this point, Kwiatkowski was hit with a stroke of genius: noticing that the remote control software the scammers were using could send and receive files, he decided to strike back by sending over a “present.”

Digging through his “junk” e-mail folder, Kwiatkowski found several samples of the Locky ransomware nestled within a bunch of zip files, grabbed one of them, and renamed it to make it look like a digital image. Kwiatkowski suggested that the incorrect credit card issue may be stemming from “the fact” that he’s old and has poor eyesight, and proposed sending Dileep an image of the credit card.

Dileep consented, accepted the file, opened it, and nothing happened — or so he thought. In reality, a malware program began silently encrypting files on his computer. Touché. At this point, he gave up and promised to call back the following Monday, after Kwiatkowski had time to contact him back. Suffice it to say, the callback probably never happened.

Source: Blog.Kwiatkowski.fr
