‘Ransomware’
Locks Computers, Demands Payment
There is a new “drive-by” virus on the
Internet, and it often carries a fake message—and fine—purportedly from the
FBI.
“We’re getting inundated with
complaints,” said Donna Gregory of the Internet Crime Complaint Center (IC3),
referring to the virus known as Reveton ransomware, which is designed to extort
money from its victims.
Reveton is described as drive-by malware
because unlike many viruses—which activate when users open a file or
attachment—this one can install itself when users simply click on a compromised
website. Once infected, the victim’s computer immediately locks, and the
monitor displays a screen stating there has been a violation of federal law.
The bogus message goes on to say that
the user’s Internet address was identified by the FBI or the Department of
Justice’s Computer Crime and Intellectual Property Section as having been
associated with child pornography sites or other illegal online activity. To
unlock their machines, users are required to pay a fine using a prepaid money
card service.
“Some people have actually paid the
so-called fine,” said the IC3’s Gregory, who oversees a team of cyber crime
subject matter experts. (The IC3 was established in 2000 as a partnership
between the FBI and the National White Collar Crime Center. It gives victims an
easy way to report cyber crimes and provides law enforcement and regulatory
agencies with a central referral system for complaints.)
“While browsing the Internet a window
popped up with no way to close it,” one Reveton victim recently wrote to the
IC3. “The window was labeled FBI and said I was in violation of one of the
following: illegal use of downloaded media, under-age porn viewing, or
computer-use negligence. It listed fines and penalties for each and directed me
to pay $200 via a MoneyPak order. Instructions were given on how to load the
card and make the payment. The page said if the demands were not met, criminal
charges would be filed and my computer would remain locked on that screen.”
The Reveton virus, used by hackers in
conjunction with Citadel malware—a software delivery platform that can
disseminate various kinds of computer viruses—first came to the attention of
the FBI in 2011. The IC3 issued a warning on its website in May 2012. Since
that time, the virus has become more widespread in the United States and
internationally. Some variants of Reveton can even turn on computer webcams and
display the victim’s picture on the frozen screen.
“We are getting dozens of complaints
every day,” Gregory said, noting that there is no easy fix if your computer
becomes infected. “Unlike other viruses,” she explained, “Reveton freezes your
computer and stops it in its tracks. And the average user will not be able to
easily remove the malware.”
The IC3 suggests the following if you
become a victim of the Reveton virus:
■Do not pay any money or provide any
personal information.
■Contact a computer professional to
remove Reveton and Citadel from your computer.
■Be aware that even if you are able to
unfreeze your computer on your own, the malware may still operate in the
background. Certain types of malware have been known to capture personal
information such as user names, passwords, and credit card numbers through
embedded keystroke logging programs.
■File a complaint and look for updates
about the Reveton virus on the IC3 website.
No comments:
Post a Comment