The FTC appears to have sued the makers of XP Antivirus, among others, out of business–to the tune of $163 million.
There will be no tears from me.
I dealt with this thing about a year ago, when a coworker got it after a houseguest opened an e-mail attachment. It could rightfully be called “randomware,” because until you paid the fee and “bought” the do-nothing program, you could do nothing with the computer, because it hijacked Windows’ executable file association.
Cleaning the infection was easy–I used a Linux-based Live CD–but getting the computer to run programs again took me several hours of research and work.
The way their software worked and distributed itself, the $163 million verdict may be a bit light. I don’t think criminal charges are the least bit out of line. A class-action lawsuit also seems appropriate, if there are any assets left to seize.
This is as good of a time as any to remind you of something I heard over and over again at a security conference last month. E-mail attachments are still the most common source of malware infection. Don’t open unexpected e-mail attachments. Ever. No matter how cool the person on the other end says it is. Just delete it. I’d tell you to reply back saying you don’t open unexpected e-mail attachments, ever, even from that person, but I know that doesn’t work. So just delete it.
The makers of the XP Antivirus ransomware are gone now, but since the it-can’t-happen-to-me mentality is so pervasive, software that uses similar tactics will stay around indefinitely. It’s a big game of whack-a-mole.