Thomas the Tank Engine ransomware: send nudes

Table of Contents

Something more interesting than your typical ransomware

There has been an outbreak of one of the strangest pieces of ransomware ever – Thomas theTank Engine ransomware (also known as the nRansom virus). Both its design and demands make it incredibly unique, differing from the huge pile of ransomware launched this year. Nevertheless, authors of the ransomware loved Thomas and the Tank Engine[1] books or TV-series; their demands are not childish. They want victims to send their naked pictures.[2]

nRansom virus asks for nudes.

Typically, ransomware takes over the victim’s computer and encrypts all the files, making them inaccessible. The user then sees a message on the screen, which usually demands a ransom to be paid for the data to be decrypted. Sometimes, the message gives an email address to ask for further details. The hackers usually ask victims to pay in BTC (Bitcoin) so that they could remain anonymous.

However, this new ransomware acts a bit differently. It does not encrypt the user’s files. More specifically, it works as a screenlocker that simply disables the access to the system.

How nRansom works

Lock-screen ransom note by nRansom virus.

Once you get infected with nRansom ransomware virus, your computer gets locked, and you see a message (on a background made of multiple pictures of the cartoon train with text saying “F*** YOU!!!) that demands you to send an email to “1_kill_yourself_1@protonmail.com” after creating an account on protonmail.com. Once you get a reply, you are then demanded to send naked pictures of you:

“After we reply, you must send at least 10 nude pictures of you. After that, we will have to verify that the nudes belong to you.”

It also claims that when it is verified that the photos indeed belong to you (what kind of methods could be used?), the hackers should send you the decryption key to finally unlock the computer. The malicious extortion tool also claims that the photos will be sold on the deep web.

While the message is being displayed, you can hear the theme song from an American TV show “Curb Your Enthusiasm” on a loop from an audio file “your-mom-gay.mp3”.

Should you follow the instructions? Absolutely not!

Unexperienced computer users might be terrified by screen-locking feature. It seems impossible to bypass it. While other file-encrypting viruses demand to pay the ransom on the lock screen; this one gives quite a disturbing demand, which, hopefully, will stop victims from following hackers orders immediately.

As you already know, the nRansom is unable to encrypt files. Thus, it did not do any damage to personal files, such as holiday memories captured in pictures, favorite music archives, and important documents. Thus, instead of finding the best angle to take a picture of your naked body; you should find the way to bypass screen lock and get rid of this weird cyber infection.

Not a really big threat

Fortunately, at the moment nRansom can be recognized by the majority of anti-malware programs, so users should not worry. However, it is not yet known how the ransomware is distributed.

It remains unclear whether the Thomas the Tank Engine ransomware is just a joke or a legitimate attempt to make money. If you get infected by nRansom, there is a simple solution – you should restart your device in Safe Mode and then let an anti-malware program scan the system to delete the threat.

Protect from ransomware

To avoid such ransomware,[3] you should download and install an excellent security tool – a reliable anti-malware solution will block malware attempts to infiltrate your system. You can check out the antivirus reviews on Reviewedbypro.com – a website that is dedicated to getting rid of malware once and for all. Choose the best tool according to your needs.

However, you should also watch your steps online:

  • avoid spam emails and their attachments;
  • don’t download illegal content;
  • don’t trust online ads;
  • avoid visiting adult-themed, gaming, gambling or other suspicious sites.

Free security software is not enough

Computer users often want to save their money and rely on free security programs, such as Avast, which is considered to be the best free antivirus of 2017. However, they may not be as powerful as paid tools. We do not say that they cannot protect computers. They can. The problem is that they may not provide a maximum protection level. For instance, they may not recognize some malicious files or might be unable to remove them.

Thus, if you do not want to encounter nRansom or a real file-encrypting virus, such as Lukitus, you’d better invest in your computer’s protection,[4].

Backup, backup, and… backup!

Even the best antivirus program cannot give absolute immunity to ransomware. Thus, data backups[5] are crucial. Developers of malware might trick you into opening a malicious email attachment, download fake update or program. Trust us; they are good at it!

Thus, creating copies of the most valuable files help you to survive ransomware attack without big problems. You can easily avoid hackers’ demands, get rid of the malicious program and get back to the normal life.