New virus extorts cash from porn fans

A new virus is making the rounds, and this one employs a startling new tactic for making a mess out of the lives of those unfortunate enough to get infected.
Known as Kenzero, the infection originated in Japan and, in its initial attack phase, is targeting users of a file-sharing service called Winni, which claims about 200 million users.
When Winni customers use the site to download illegal copies of games in the adult, animated "hentai" genre, their PCs are becoming infected with the Kenzero virus, which makes a copy of their Web-browsing history and posts it online, where it is visible to the public. The Kenzero virus appears on Winni as a standard game installer, deceiving its victims.

Suffice it to say that anyone who's downloading illegal hentai games — which feature extremely graphic (and conceivably illegal in the U.S., see here) sex acts — probably does not want his browsing history published to the world.

After infection and the publication of the Web history, the victim is then held for ransom, and a pop-up note or email demands a relatively small financial payment (about $16) from the user in order to "settle your violation of copyright law." The BBC reports that a similar extortion attack targets European users, demanding much higher fees of $400, which is termed a "pretrial settlement."

It's a very brazen way to attack users, pretending to be a law enforcement agency while also engaging in explicitly illegal extortion activities — but in a world where Web users are hopefully becoming a little more sophisticated and aware of garden-variety malware attacks, I suppose crooks have to resort to increasingly extreme measures in order to extract money from their victims.

Nonetheless, remember that this attack is fundamentally no different from others. Antimalware and antivirus software should clear it up, as architecturally it is no more advanced than any other attack.

In no case should you actually pay an extortionist looking for a handout: There's little assurance they will actually follow through on what they say they'll do, and giving credit card or bank account information to one of these crooks invariably opens you up for much more serious financial losses.

As for any Web histories published to the Internet, well, you might just have to live with it. Call it a lesson learned.
Christopher Null is a technology writer for Yahoo! News.