Monday, April 28, 2014

In a surprising turn of events, it appears that Browlock is now targeting Russians.

If for some reason, some unfortunate fellow ends up in an infected site that has been prepended with the Browlock link.

This "browser locker" will be served after 5 seconds of being on the infected page:

The page appears to be in very well written Russian that is loosely translated to:

Ministry of Russian Federation Internal Affairs (Police Ministry)

[The ministry] detected that your computer has been used for doing wrong things which are illegal such as looking at materials related to violence, gay pornography and pedophilia.

Such activities are forbidden in accordance with [some law being quoted]. Such activity will cause a penalty of 800 to 4000 Rubles and if you don't want to pay, you will go to prison in accordance with [some law being quoted].

As it is already done, you now have to pay 1000 rubles. The payment of this penalty can be done via any mobile terminal (sample of this below) or you can put this sum to the phone number: +79054014516. You have to perform this payment in 12 hours.

After completing the payment, you will be given a confirmation of payment and there you'll see the unlocking code which should be entered in the field below. If you don't want to pay, then all the materials about these illegal activities will be sent to the prosecutor's office for initiating criminal proceedings. And a group of policemen will be sent to your place of residence.

Here is a sample mobile terminal image that was referred above:

When the user attempts to close the browser or tab, this will appear:

The "browser locker" page appears to render the browser unusable, however, it's just an elongated dialog box and a simple pressing of the ENTER key will close the browser and no harm will be done to your computer.

So far, it has only worked on the Chrome Browser but the page loads properly when accessed from different countries including Russia.

