–New type of malicious computer virus known as ‘ransomware’
This picture shows the actual message that popped up recently on an Arizona City family’s laptop computer. The virus, known as “ransomware” and posing as an official message from the Department of Homeland Security, locked the family’s computer, literally holding all of its contents for ransom. The infection even gained control of the laptop’s webcam and took pictures of the users.
There is a relatively unknown malicious computer virus going around the Internet posing as an official message from the Department of Homeland Security’s “ICE Cyber Crime Center.”
The ransomware is part of what is known as the the Troj/Reveton-Ransomware family and it displays a lock screen that requires the user to pay a ransom before they will be allowed to access their Windows desktop, applications or files.
One Arizona City family recently reported this ransomware infection on their laptop.
The virus pretends to be from the Department of Homeland Security’s ICE Cyber Crime Center and states that it has detected that your computer has been involved in illegal cyber activity. This activity includes the distribution of pornography, copyrighted files, or computer viruses. It goes on to state that you need to pay a fine in the amount of $300 (or more) within 48 hours. In order to send the ransom you will be required to purchase a MoneyPak voucher at a store like CVS, Walmart, or Walgreens and submit the voucher ID in the lock screen. Once they receive the money, they will then automatically unlock your screen.
Even more frightening, this ransomware will also attempt to take a picture of you via your Webcam or skype camera to further scare you into sending in the ransom.
Last, but not least, this ransomware infection will also delete your Windows Automatic Update service so that you are unable to automatically update Windows. As this lock screen is not a legitimate message from any government agency, users can ignore it and get instructions on removing the threat. There are many websites that offer free downloads of programs specifically designed for malware removal. Any Google search for “malware removal” or something similar will provide a long list of appropriate websites. One handy site is www.bleepingcomputer.com.
The following is a list of reasons the ransomware lists on the lock screen as reasons your computer has been blocked.
“The work of your computer has been suspended on the grounds of unauthorized cyber activity.
Possible violations are described below:
Article -174. Copyright
Imprisonment for the term of up to 2-5 years
(The use or sharing of copyrighted files). A fine from 18,000 up to 23,000 USD
Article – 183. Pornography
Imprisonment for the term of up to 2-3 years
(The use of distribution of pornographic files). A fine from 18,000 up to 25,000 USD
Article – 184. Pornography involving children (under 18 years)
Imprisonment for the term of up to 10-15 years
(The use or distribution of pornographic files). A fine from 20,000 up to 40,000 USD
Article – 104. Promoting Terrorism
Imprisonment for the term of up to 25 years without appeal
(Visiting the websites of terrorist groups). A fine from 35,000 up to 45,000 USD
Article – 68. The distribution of virus programs
Imprisonment for the term of up to 2 years
(The development or distribution of virus programs, which have caused harm to other computers). A fine from 15,000 to 28,000 USD
To unlock your computer and to avoid other legal consequences you are obligated to pay a release fee of $300 USD.
An attempt to unlock this computer by yourself will lead to the full formatting of the operating system. All the files, videos, photos, documents on your computer will be deleted.”
This computer infection is not a legitimate message from the Department of Homeland Security. Therefore, ignore anything it displays and instead use a removal program mentioned previously in this story.
- No antidote to cyber ransom (stuff.co.nz)
- Ransomware: The cybercrime money machine of 2013 (itproportal.com)
- Cyber-Criminals Ramp Up Intimidation in Ransomware Scams (eweek.com)
- Cyber-security experts warn computer users of ‘explosion of ransomware’ (triblive.com)
- SOCA Warns of Ransomware Attack That Leverages Organization’s Name (news.softpedia.com)
- FBI ransomware and what you can view from the street (blogs.avg.com)