Laptop held to ransom by malware

HACKED: Lisa Tutty’s laptop was infected by malware. It demanded she buy a voucher to free up the computer with the infected laptop.
HACKED: Lisa Tutty’s laptop was infected by malware. It demanded she buy a voucher to free up the computer with the infected laptop.


A computer scam has hit Timaru.

Lisa Tutty was browsing the internet with her laptop on Saturday when the screen went blank.

A signal light came on, then the web camera switched on.

A page appeared on the screen 10 seconds later with a photograph of Mrs Tutty and a warning letter notifying her she was “accused of viewing/storage and/or dissemination of banned pornography”.

The message directed her to go to a store and ask for a UKash $100 voucher with a 19-digit UKash pin, saying she should enter the pin into her laptop.

Mrs Tutty said she ignored the message and connected the laptop to her personal computer to try to retrieve family photographs.

“The computer said there was a virus on the laptop.”

By Monday she had retrieved all her documents from the laptop and it was operational again.

She did not have virus protection on the laptop and said she was the only person who used it.

“Now I’m backing everything up; I just thought it was strange.

“I wouldn’t have paid the money anyway, but I know some people are quite vulnerable. I will look into getting some software protection.”

A Department of Internal Affairs spokesman said Mrs Tutty’s laptop had experienced a type of “ransomware”.

“Ransomware is malicious software [malware] that locks you out of something, in this case your computer, and demands money to let you back in.

“In this case it appears that it could have been attached to a poisoned website. Once activated, it will bring up a notice detailing why the person has been locked out, for example, “illegal downloading”, [and] what they need to do to get their computer running again.”

This was likely to involve paying money, including a description of the method for payment.

“It appears the ransomware in this case also triggered the web cam, which adds to their ‘scare tactics’ – essentially saying that you are being watched.”

Internal Affairs had received inquiries from other people who had experienced the same thing.

“It has been occurring for some time and not only in New Zealand. If someone experiences this they should seek the assistance of a qualified technician in having the malware removed.

“People should not pay the ransom and can also report the incident to NetSafe via the Orb website (”


About Gregory D Evans

Gregory Evans is one of the worlds greatest security consultants. Go to for more details.
This entry was posted in internet safety and tagged , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s