[BreachExchange] Osaka teen first alleged ransomware maker arrested in Japan

[Destry Winant]

http://www.japantimes.co.jp/news/2017/06/05/national/crime-legal/osaka-teen-first-alleged-ransomware-maker-arrested-japan/#.WTizcRPyu34

A 14-year-old in Osaka Prefecture has become the first person in Japan
arrested for allegedly creating ransomware, the police said Monday.

The third-year junior high school student, who was arrested the same
day, is suspected of combining free encryption programs to create
ransomware, which makes computer files inaccessible unless a ransom is
paid, the sources said.

“The male student apparently learned how to create it on his own,” a
source said.

The student, who lives in Takatsuki, admitted to creating the malware
program on Jan. 6 and uploading it to an overseas website where he
lured people into downloading it via social media, the sources said.

No financial losses from the malware have been reported yet, the sources said.

The ransomware was designed to infect computers after download and
demand payment from the victim in Japanese via digital currency.

The student told investigators that he wanted to become famous and
that the ransomware had been downloaded more than 100 times.

The Kanagawa Prefectural Police spotted the malware during
“cyberpatrolling” duties in January and confiscated his computer after
searching his house in April. They also found messages on his Twitter
account hinting that he had produced the ransomware virus.

The arrest came after a global cyberattack in May that made use of the
ransomware program WannaCry. The malware spread to more than 150
countries, disrupting the British health care system and numerous
companies, including in Japan.

But the malware developed by the teen is thought to have nothing to do
with the global attack, according to the police.

WannaCry, which demanded payment in bitcoin in exchange for a password
to unlock the victims’ data, is believed to have spread through global
networks by exploiting a weakness in Microsoft’s Windows operating
system.

“Ransomware is on the rise with the spread of the virtual currency
bitcoin, which allows records of transactions to be erased,” said
Tetsutaro Uehara, a professor at Ritsumeikan University who
specializes in information security.

Noting it is difficult to recover data locked up via ransomware,
Uehara said it is “crucial to make backups just in case.”Computer
security firm Trend Micro Inc. detected over 65,400 ransomware attacks
in Japan last year, up 9.8-fold from the year before, it said.

Ransomware targeting Android smartphones and tablet devices also
surged in the first quarter, and Trend Micro said it had confirmed
123,100 types circulating worldwide in the period, or about 5.6 times
more than a year ago.