Last week, the FBI made a public announcement that there is a new “drive by” malware in the wild using the FBI name and a demand for a payment of the “fine”.
The IC3 (The Internet Crime Complaint Center) has been aware of this malware since May and is flooded by complaints about it.
This malware is identified as Reveton ransomware, which is designed to lock up victims’ computers in order to extort money. The infected machine is basically held hostage until a “fine” is paid.
Ransomware is usually installed by downloading malicious files or attachments. Reveton Ransomware, on the other hand, is “drive-by” malware, which exploits vulnerabilities in a browser. It is downloaded just by clicking on a malicious link or by visiting a malicious site.
Ransomware locks up victims’ computers and demands ransom payments in order to get a key code to unlock infected operating systems.
Usually, Ransomware displays a window with fake notices purporting to be from the law enforcement agencies, which falsely accuse users of illegal activities, such as under-age pornography viewing, unauthorized media downloads, etc. Some Ransomware imitates security notices, anti-virus software, software updates, etc.
Reveton displays a fake message from the FBI claiming that the user’s IP address was identified as the one engaging in online illegal activities. In order to unlock the Operating System, the users are instructed to pay a fine in the amount of $200.00 via MoneyPak pre-paid card. Reveton is intimidating victims into paying the “fine” by threatening to file criminal charges.
The IC3 states that some victims actually paid the “fine”. Paying the fee to unlock the machine will not fix the problem. Ransomware may still be running in the background and may deliver other malware. The average user will have a difficult time removing Ransomware from their computers.
As of right now, Ransomware is targeting Windows based computers, not Macs. With that being said, it is probably only a matter of time till Ransomware will be written for Macs.
If you become a victim of Reveton Ransomware or any Ransomware,
- Do not pay any money and never provide your personal information.
- Hire a professional to remove Ransomware.
- Always be careful with what links you click, what websites you visit, and what files you download.
Removal Instructions could be found here.
Read more about Reveton on the FBI’s website.