'Clop Ransomware.dll' Pop-Up Scam Attempts Cheap Scare Tactics

During our investigation into malicious websites, our research team came across the "Clop Ransomware.dll" technical support scam. This scam claims to be a warning message originating from Microsoft Windows, falsely asserting that users' computers are infected in an attempt to deceive them into contacting fraudulent support lines. Typically, these scams involve gaining remote access to victims' devices and are linked to serious security risks.

Upon accessing a website hosting the "Clop Ransomware.dll" scam, it was cleverly disguised to mimic Microsoft's official website. The site displayed a counterfeit version of Microsoft Defender (referred to in the scam by its former name, "Windows Defender") that performed an equally fabricated system scan. During this fictitious scan, non-existent threats were purportedly detected, followed by the appearance of several pop-up windows.

Among these pop-ups, one titled "Pornographics Alert - Security Warning" outlined fake infections such as trojans, spyware, and adware, accompanied by a list of supposed threats. This pop-up urged visitors to call the provided helpline for assistance.

Another prominent pop-up labeled "Windows Pornographic Security Notification" identified the alleged threats as "Clop Ransomware.dll" and "ads.video.porn.dll uploading." According to the scam, these infections purportedly led to the computer's lockdown. Once again, the scheme urged individuals to contact "Microsoft Windows Support."

It's vital to emphasize that all of these claims are entirely false, and this deceitful content is unrelated to the legitimate Microsoft Corporation.

When victims make the call, the scammers adopt the guise of skilled technicians or support staff and commonly request permission to access their devices remotely. This connection is often facilitated using legitimate software like TeamViewer, AnyDesk, UltraViewer, or similar tools. The subsequent course of the scam can vary, but in most cases, the cybercriminals persist in pretending to be knowledgeable specialists assisting the victims.

Scammers may deactivate or uninstall authentic security tools, install fake antivirus software, extract private data, initiate financial transactions, and/or introduce malware (such as trojans, ransomware, or cryptocurrency miners) into the system.

Victims might be duped into revealing personal information over the phone or entering it into seemingly secure websites or files. Alternatively, cybercriminals could acquire this information through the use of data-stealing malware.

Why Should You Not Trust Virus Warnings You See Online?

While virus warnings you encounter online might seem alarming, it's important to exercise caution and skepticism. Here's why you should be cautious about trusting virus warnings you see on the internet:

• Scare Tactics: Many online virus warnings use scare tactics to create a sense of urgency and panic. They might claim that your computer is severely infected and at risk to pressure you into taking immediate action.
• Fake Pop-Ups: Malicious actors can create fake pop-up windows that mimic legitimate antivirus alerts. These pop-ups may appear convincing, but they're designed to trick you into clicking on them and downloading malware.
• Clickbait and Ads: Some virus warnings are simply clickbait designed to lure you into clicking on them. They might lead you to dubious websites, encourage you to download unnecessary software, or even expose you to malware.
• Tech Support Scams: Fake virus warnings might prompt you to call a supposed tech support number for assistance. Scammers on the other end might offer to fix the problem for a fee or even gain remote access to your device for malicious purposes.
• Redirects to Malicious Sites: Clicking on a fake virus warning can redirect you to malicious websites that host malware or attempt to steal your personal information.