Bitcoin Ransomware Education: Scotch Tape Locker v1.0

We have seen multiple iterations of crypto-ransomware over the past few months. In some cases, developers have employed images and logos related to existing law enforcement agencies. Such scare tactics often work quite well against less tech-savvy users. Developers are also looking for more efficient ways of securing payment from their victims. Scotch Tape Locker v1.0 boasts a large DOJ logo and requires three different keys to unlock one’s data.

Scotch Tape Locker v1.0 Is an Interesting Creature

It is interesting to see ransomware developers getting a bit more creative when it comes to designing malware. Although that is not good news for victims and security researchers per se, some of the more unique malware types will always spawn intriguing discussions. Scotch Tape Locker v1.0 — which is probably not its final name — is certainly intriguing in this regard. Despite having the worst name in history, it is actually somewhat convincing.

Looking at the ransom note screen below, it is clear that this malware would be taken seriously. It boasts the logo of the U.S. Department of Justice and aims to trick users into paying for their internet “crimes” sooner rather than later. We have seen similar messages to this one before in other instances of ransomware. Using a law enforcement agency logo may trick more people into paying ransom, but all this is still fake in the end.

That message is pretty clear: victims have committed severe violations while browsing the world wide web, including downloading child porn, committing rape — hard to do online, but OK — promoting violence, and eating children (once again, quite difficult when browsing the internet). The message simply seeks to scare people more than anything, and there is a plethora of illogical content in this ransom. The one thing most people would feel guilty about is promoting violence, as that is subject to very wide interpretation.

However, that is not the part of this ransomware that caught our attention the most. Scotch Tape Locker v1.0 also requires three different decryption keys to restore one’s computer files. It is the first time we have come across this in the area of malware, since most types only require one key to decrypt files. Considering how victims are expected to pay a $150 sum in Bitcoin, three keys would seem to make even less sense than normal. It is certainly possible you do not even need three keys to unlock files.

It is unclear who designed this malware or how big of a threat it really poses. If nothing else, it goes to show that anyone in the world can create his or her own ransomware and get very artistic with it. Then again, Scotch Tape Locker v1.0 is certainly something unique. It does not appear to be part of any active ransomware distribution campaign. There are a lot of unknowns regarding this malware, but for now it is seemingly harmless until proven otherwise.

The world of ransomware will witness many changes in the future. With more and more people having access to ransomware-as-a-service platforms, the oddest creations are bound to pop up. Scotch Tape Locker v1.0 is certainly a creative attempt, but it is doubtful anyone will suffer any losses from it whatsoever. We can only hope three decryption keys does not become a real thing, since that would make the ordeal even less pleasant for malware victims.