Reveton impersonates FBI, claims to record users' illegal activities
Posted on 03.12.2012
The deadly combination of the Citadel malware and the Reveton ransomware is still widely used to steal information and money from uninformed users, the Internet Crime Complaint Center (IC3) warns.

The Citadel malware is a banking Trojan based on the Zeus Trojan's source code, and its creators have adopted a Software-as-a-Service approach to modifying the crimeware kit that produces its variants. It lures users to websites that deliver Reveton via drive-by download.

Once the ransomware is installed, it freezes the victim's computer and shows a message supposedly coming from the IC3.


The message claims that the users' computer has been blocked because they "violated U.S. Federal Law" by accessing illegal content such as child pornography.

The criminals behind the scheme try to create a sense of urgency and danger in order to make users act rashly, so the message also claims that the users' computer activity is being recorded using audio, video, and other devices.

To make the accusations go away and to unlock their computer, the victims are urged to pay a fine using prepaid money card services such as MoneyPak, Ukash, and others.

"This is not a legitimate communication from the IC3, but rather is an attempt to extort money from the victim. If you have received this or something similar do not follow payment instruction," the IC3 warns.

The ransomware can be removed without paying the "fine", but users are advised to check their systems for the Citadel malware, too, as their personal, financial and login information can be collected and used by cyber crooks to execute identity theft and credit card fraud.






COPYRIGHT 1998-2014 BY HELP NET SECURITY.