A Japanese cyber extortion gang is running a new "name to shame" scam by duping users who pirate adult games into installing malware, then demanding that they pay up to keep their names from being publicly posted on the Web, a researcher said today.

The scheme is a new one in the world of "ransomware," the practice of mucking with users' files then extorting money to release them back to their rightful owners, said Rik Ferguson, a senior security researcher with Trend Micro's U.K. office.

According to Trend Micro, whose researchers in both Japan and the U.K. have analyzed the attack, extortionists seeded a Trojan horse onto a popular Japanese file-sharing service called Winny, which has an estimated 200 million users. The malware posed as installers for adult games in the Hentai genre, a pornographic form of anime.

"The installer asks a whole series of personal questions, including name, date of birth, phone number, mailing address, company name and game passwords," said Ferguson. "It also collects information from the PC, including screenshots of Internet Explorer's Favorites." The latter is IE's term for its bookmarks.

Full story: Computerworld