Scammers software

AussieScamBuster · February 9, 2020, 9:46pm

Looks like scammers have some software they drop on victims computer once they remote connect. Scammers software runs at startup to block their computer. Found on Facebook scammer group. I’ve seen scammers drop HTML, Batch files and even VBS fies to run at startup, but this looks more sophisticated.

image scammerstartupsoftwarepng.png

grabscammersip · February 9, 2020, 10:13pm

Holy shit this isnt good

I’ve seen scammer rating victims but wow

atomicdragon136 · February 9, 2020, 10:36pm

I hope that anti-malware programs will soon recognize this as a ransomware and protect victims

Last time a scammer tried to uninstall Avast off my VM so that could be part of this?

AussieScamBuster · February 9, 2020, 10:45pm

This is a view from the scammers side of their ransomware. I got these screenshots from the same facebook post the scammer made advertising his software.

~~![image scammerstartupsoftware2jpg.jpeg](https://tlscommunity.com/assets/2020-02-09/22:45:410-scammerstartupsoftware2jpg.jpeg)~~

drwat · February 10, 2020, 7:27am

This scammer has FB profile: Redirecting...

Karan Malhotra (Karan is a male in India). He is a Punjabi and did his high school inDAV schoo, Chandigarh, Punjabi

Skype karan001_6

Zen · February 10, 2020, 1:33pm

@AussieScamBuster#128129 this makes my blood boil. Time for a flood

grabscammersip · February 10, 2020, 5:26pm

@AussieScamBuster#128129 we need to try get the program and try crack the source code

If not send it to the av providers for analysis