Reveton Malware Freezes PCs, Demands Payment

Mousey

Ueber Meister Mouse
FBI warns of Reveton 'ransomware' scam that freezes Windows PCs, accuses you of a crime, and requests you pay fines to unlock computer.

By Mathew J. Schwartz InformationWeek
August 15, 2012 10:35 AM


Has your Windows PC frozen up, displaying a lock screen with warnings from the FBI that the PC has been used to illegally access or distribute copyrighted material, or "prohibited pornographic content"?

If so, then you're likely dealing with "ransomware" known as Reveton, which freezes PCs and opens a window telling people that if they want to regain control, they'll need to pay a "fine" via a prepaid money card service. Helpfully, a "pay MoneyPak" code-entry box is even helpfully included on the lock screen. But unlocking a Reveton-infected PC can be difficult, owing to the malware often being deployed in conjunction with other malware that's designed to block users from accessing security websites.

The FBI last week issued a warning that the number of Reveton infections has recently been surging. "We're getting inundated with complaints.....
 

Jinn

Webmeister
I fixed this recently on a friend's computer, it was one of the most difficult things to deal with.

After I finally stopped the malware from loading at startup and removed it completely from the system, it had replaced most of the personal files with encrypted versions - including the entire photo collection.

Luckily we had a recent backup otherwise all the photos would have been lost, as the most recent version of this 'ransomware' apparently changes files to a version that is impossible to unencrypt without paying the hackers - and even if you pay them, often they don't provide the codes necessary for unencryption.
 

Mousey

Ueber Meister Mouse
I fixed this recently on a friend's computer, it was one of the most difficult things to deal with.

After I finally stopped the malware from loading at startup and removed it completely from the system, it had replaced most of the personal files with encrypted versions - including the entire photo collection.

Luckily we had a recent backup otherwise all the photos would have been lost, as the most recent version of this 'ransomware' apparently changes files to a version that is impossible to unencrypt without paying the hackers - and even if you pay them, often they don't provide the codes necessary for unencryption.
Hackers using this type of malware (ransomware), in particular, IMHO should be tarred and feathered, set down in a prison warehouse filled with infected computers and made to repair every damn one of them.
 