Intimidating new Internet fraud reported in AC

New type of malicious computer virus known as ‘ransomware’

There is a relatively unknown malicious computer virus going around the Internet posing as an official message from the Department of Homeland Security’s “ICE Cyber Crime Center.”

The ransomware is part of what is known as the the Troj/Reveton-Ransomware family and it displays a lock screen that requires the user to pay a ransom before they will be allowed to access their Windows desktop, applications or files.

One Arizona City family recently reported this ransomware infection on their laptop.

The virus pretends to be from the Department of Homeland Security’s ICE Cyber Crime Center and states that it has detected that your computer has been involved in illegal cyber activity. This activity includes the distribution of pornography, copyrighted files, or computer viruses. It goes on to state that you need to pay a fine in the amount of $300 (or more) within 48 hours. In order to send the ransom you will be required to purchase a MoneyPak voucher at a store like CVS, Walmart, or Walgreens and submit the voucher ID in the lock screen. Once they receive the money, they will then automatically unlock your screen.

Even more frightening, this ransomware will also attempt to take a picture of you via your Webcam or skype camera to further scare you into sending in the ransom.

Last, but not least, this ransomware infection will also delete your Windows Automatic Update service so that you are unable to automatically update Windows. As this lock screen is not a legitimate message from any government agency, users can ignore it and get instructions on removing the threat. There are many websites that offer free downloads of programs specifically designed for malware removal. Any Google search for “malware removal” or something similar will provide a long list of appropriate websites. One handy site is www.bleepingcomputer.com.

The following is a list of reasons the ransomware lists on the lock screen as reasons your computer has been blocked.

“The work of your computer has been suspended on the grounds of unauthorized cyber activity.

Possible violations are described below:

Article -174. Copyright

Imprisonment for the term of up to 2-5 years

(The use or sharing of copyrighted files). A fine from 18,000 up to 23,000 USD

Article – 183. Pornography

Imprisonment for the term of up to 2-3 years

(The use of distribution of pornographic files). A fine from 18,000 up to 25,000 USD

Article – 184. Pornography involving children (under 18 years)

Imprisonment for the term of up to 10-15 years

(The use or distribution of pornographic files). A fine from 20,000 up to 40,000 USD

Article – 104. Promoting Terrorism

Imprisonment for the term of up to 25 years without appeal

(Visiting the websites of terrorist groups). A fine from 35,000 up to 45,000 USD

Article – 68. The distribution of virus programs

Imprisonment for the term of up to 2 years

(The development or distribution of virus programs, which have caused harm to other computers). A fine from 15,000 to 28,000 USD

To unlock your computer and to avoid other legal consequences you are obligated to pay a release fee of $300 USD.

An attempt to unlock this computer by yourself will lead to the full formatting of the operating system. All the files, videos, photos, documents on your computer will be deleted.”

This computer infection is not a legitimate message from the Department of Homeland Security. Therefore, ignore anything it displays and instead use a removal program mentioned previously in this story.

Enhanced by Zemanta

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s