Reveton impersonates FBI, claims to record users' illegal activities
Posted on 03.12.2012
The deadly combination of the Citadel malware and the Reveton ransomware is still widely used to steal information and money from uninformed users, the Internet Crime Complaint Center (IC3) warns.

The Citadel malware - a banking Trojan that is based on Zeus Trojan's source code and whose creators have adopted a Software-as-a-Service approach when it comes to the modifications of the crimeware kit that produces its variants - lures users to websites that deliver Reveton via drive-by download.

Once the ransomware is installed, it freezes the victims' computer and shows a message supposedly coming from the IC3:


The message claims that the users' computer has been blocked because they "violated U.S. Federal Law" by accessing illegal content such as child pornography.

The criminals behind the scheme try to create a sense of urgency and danger in order to make users act rashly, so the message also claims that the users' computer activity is being recorded using audio, video, and other devices.

To make the accusations go away and to unlock their computer, the victims are urged to pay a fine using prepaid money card services such as MoneyPak, Ukash, and others.

"This is not a legitimate communication from the IC3, but rather is an attempt to extort money from the victim. If you have received this or something similar do not follow payment instruction," the IC3 warns.

The ransomware can be removed without paying the "fine", but users are advised to check their systems for the Citadel malware, too, as their personal, financial and login information can be collected and used by cyber crooks to execute identity theft and credit card fraud.






Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Aug 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //