Bad news for Breaking Bad fans: their digital assets are in the sights of malware attackers. A new crypto ransomware threat that takes hold of computers and sensitive files has been detected in Australian cyberspace, security researchers at Symantec have confirmed.
How does the Breaking Bad crypto ransomware work?
Symantec has discovered this new crypto ransomware, called Trojan.Cryptolocker.S, which is targeting Breaking Bad fans in Australia. Once it has infected a computer, Trojan.Cryptolocker.S encrypts all the files on the device, including documents, pictures and videos, and then demands a ransom of Australian $1,000 (approximately US$791) from users to decrypt those files. The malware programmers use a Breaking Bad themed ransom demand message that displays the ‘Los Pollos Hermanos’ branding image. The malware authors also include a quote from Walter White, the protagonist of the series, which reads “I am the one who knocks.”
Asked which method the authors of this crypto ransomware use, security researchers at Symantec said in their blog post, “We believe that the crypto-ransomware uses social engineering techniques as a means of infecting victims”. According to Symantec researchers,
“The malware arrives through a malicious zip archive, which uses the name of a major courier firm in its file name. This zip archive contains a malicious file called ‘PENALTY.VBS’ which when executed, downloads the crypto-ransomware onto the victim’s computer. The threat also downloads and opens a legitimate PDF file to trick users into thinking that the initial ZIP archive was not a malicious file.”
Trojan.Cryptolocker.S uses an “open-source penetration-testing project” that enables the malware programmers to execute a PowerShell script on affected computers and run the crypto ransomware Trojan file. Once a computer is compromised, the attackers lock its files using an Advanced Encryption Standard (AES) key. Computer owners will therefore only be able to decrypt the files once they get the private key on payment of the ransom. The ransom demand also includes a tutorial video which shows the steps for obtaining the private key by paying with cryptocurrency.
To protect your valuable data from such crypto ransomware attacks, use total protection security software to keep a regular backup of your data as well as to safeguard against threats coming from social engineering channels.
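The delivery chain Symantec describes, a courier-themed ZIP archive carrying ‘PENALTY.VBS’, can be screened for before anything inside the archive is opened. The following Python check is an added example, not code from Symantec or from the original article; the extension list and the function names are assumptions chosen for illustration, and the sample archive is constructed from harmless placeholder text.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumption: file types that Windows runs directly when double-clicked.
# PENALTY.VBS from the article falls under ".vbs"; the rest is an illustrative set.
RISKY_EXTENSIONS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta",
                    ".ps1", ".bat", ".cmd", ".scr", ".exe", ".lnk"}


def risky_members(zip_bytes):
    """Return the sorted names of archive members whose final extension is risky."""
    flagged = []
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
            for info in archive.infolist():
                if info.is_dir():
                    continue
                # Normalise separators; Windows ignores trailing dots and spaces,
                # so "x.vbs." still opens as a VBScript file.
                name = info.filename.replace("\\", "/").rstrip(". ")
                # Only the last suffix counts, so "invoice.pdf.js" is a .js file.
                if PurePosixPath(name).suffix.lower() in RISKY_EXTENSIONS:
                    flagged.append(info.filename)
    except zipfile.BadZipFile:
        raise ValueError("not a readable ZIP archive")
    return sorted(flagged)


def build_sample_zip(members):
    """Build an in-memory ZIP of text placeholders (constructed test data)."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        for name in members:
            archive.writestr(name, "placeholder content, not a real script")
    return buffer.getvalue()


if __name__ == "__main__":
    sample = build_sample_zip(["PENALTY.VBS", "docs/readme.txt", "invoice.pdf.js"])
    for name in risky_members(sample):
        print("quarantine candidate:", name)
```

The archive is only listed, never extracted, so the check can run on an untrusted attachment without writing its contents to disk.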