Tech Support Scammer Gets Infected With Ransomware

When dealing with ransomware, there is always a chance of unexpected consequences. One tech support scammer was tricked into installing ransomware not too long ago. With the number of fake tech support calls on the rise as of late, revenge can be bittersweet. Since all of these calls are attempts to steal money from users, turning the tables on them is not morally wrong either.

Tricking The Trickster With Ransomware

Although the best course of action is to hang up when receiving these fake tech support calls, some people enjoy taking things to the extreme.Ivan Kwiatkowski has come up with a way to trick these scammers into installing ransomware on their own devices.Locky is the preferred tool of choice for Kwiatkowski, as it is one of the most potent ransomware threats to date.

It has to be said; this particular tech support scam was a bit more sophisticated. His parents, who recently purchased a new computer, were directed to a landing page telling them the machine was infected with malware. While this wasn’t true by any means, unsuspecting users could get tricked into thinking they will need tech support to get rid of the malware.


After getting in touch with tech support, Kwiatkowski reached a human to help him out with the problem. As is to be expected, Kwiatkowski was guided through the process to download a remote assistance client. Albeit this program is completely legitimate, it is being abused by internet criminals all over the world these days.

After the tech support person had gained access to Kwiatkowski’s machine – he used a Windows XP virtual machine for this prank – she got to work on scaring the end user. Then again, this ‘person” blatantly ignored any warning signs of something being amiss with the accessed environment. She also advised Kwiatkowski to buy their excellent antivirus software, which should be ignored at all times.

These tech support services require payment by credit card. Kwiatkowski decided to send the tech support person a picture of his credit card, which had the Locky ransomware embedded in it. Needless to say, the call ended abruptly, and Kwiatkowski got some good revenge on the people who were trying to defraud his parents. The full transcript of the call can be found on Sophos.

Image credit 1

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.