FBI Warns of Surge in Reveton Ransomware Infections
The ransomware uses fake FBI warnings to extort money.
An FBI statement posted online yesterday warns of an increase in infections from drive-by ransomware that uses fake FBI warnings to extort money from victims.
"Reveton is described as 'drive-by' malware due to its ability to activate and install itself when users visit a compromised web site," writes The Inquirer's Lee Bell. "Unlike most viruses, it doesn't need to install a file or attachment."
"We are getting dozens of complaints every day," Donna Gregory of the Internet Crime Complaint Center (IC3) said in the statement.
"Victims are lured to a download website, where Reveton is installed on their computer," writes SC Magazine's Danielle Walker. "This causes their machine to freeze and a screen to display that carries a fake warning saying they have violated federal law. The malware then attempts to extort money from the victim by ordering them to pay a fine, using online money transfer services, in order to unlock their computer."
"The language is one tip-off the message may not be legitimate. For instance, one screen-captured message cites 'Article 1, Section 8, Clause 8, also known as the Copyright of the Criminal Code of United States of America,'" writes Threatpost's Anne Saita. "It claims this law allows 'a fine of two to five hundred minimal wages or a deprivation of liberty for two to eight years.'"
"The IC3 suggests the following steps for victims of the Reveton virus: do not pay any money or provide any personal information; contact a computer professional to remove the malware from your computer; be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background; and file a complaint and look for updates about the Reveton virus on the IC3 website," Infosecurity reports.