2013-03-29 - Landscape

Ransomware - Kovter : looking at your browsing history for more credibility

This is just another Ransomware...

Kovter - US 2013-03-29 (dont trust date on my VM)

but why posting about it and not about Galock the DHS one...

Look :

From source to Kovter ransom message

Kovter is checking your history against a remote list of website and if found will display it on the warning.

Other try
(but was not infected through it)

Kovter checking browsing history

But what if I've never been on any of those website ?

Let's do it simple...

File :
19561b33793dcb865eae56575a899ce8 (OwnCloud via goo.gl)
Reading :
Botnets.fr page
Don’t Pay Up – How To Beat Ransomware! - 2013-04-05 - MakeUsOf - Guy McDowell