As reported by the security outfit CloudSEK (opens in new tab), a new ransomware group called GoodWill forces its victims to give to the poor in order to regain access to their files.
GoodWill seems to originate out of Mumbai, India, and like other ransomware will encrypt important files on an infected device, requiring an encryption key provided by the hackers to regain access. Unlike typical ransomware attacks, which ask for money in the exchange, Goodwill charges victims with three peculiar acts of charity. It is unclear from the CloudSEK report how many people have been targeted by the group, or whether anyone has actually gone through with the process.
The first task is to “provide new clothes/blankets to needy people of road side [sic] and make a video of this event,” with proof posted to Facebook, Instagram, and WhatsApp. Next, GoodWill targets have to “in the evening, pick any 5 poor children (under 13 years) of your neighborhood and take them to Dominos / Pizza Hut or KFC, then allow them to order the food they love to eat and try to make them feel happy.” The hackers also want you to film and take pictures of the kids for social media, very cool. The final GoodWill charge is to pay for the medical bills of someone who can’t afford to, and, of course, post it to Facebook et al.
It’s all a bit… corny? Like something out of a chain email your grandma might send, except the security threat is very real. The element of posting proof to social media, coupled with the incredible profile frame provided to anyone who’s overcome all the hurdles, indicates to me that this is much more about humiliation than actually helping anyone.
GoodWill’s scheme reminds me of how the guy from Death Note thought he was going to change the world by orchestrating extralegal executions of small-time criminals. Light Yagami, my man, if you want to move the needle you have to think bigger. I’m sure these GoodWill guys can do some digging and figure out why so many people have enormous medical bills…
But I would never encourage criminal activity of any kind. Alongside the general chain email vibe I’m really caught up on the whole “take five needy kids out to eat” thing. What parent in their right mind would allow that? “Don’t worry, I’m not trying to abduct your kid—hackers just stole all the data for my HVAC business and this is how I get it back. I also have to film your child eating. Normal stuff.”
Karmically, maybe all this cynicism is just me begging to be GoodWill’s next victim. Those kooky hackers in Mumbai are about to teach me a valuable lesson about giving, humility, and filming people (including children) experiencing life-changing Kentucky Fried Chicken.