Monday, December 3, 2012

IC3: Reveton Ransomware Now Impersonating Us, Don't Fall For It

Internet Crime Complaint Center (IC3)There’s a new Reveton ransomware variant in circulation, and it’s using the Internet Crime Complaint Center (IC3) brand and reputation to extort money out of its victims.

In the past, Reveton has impersonated the FBI, Interpol, and the Metropolitan Police, so it’s not that big of a surprise that it added IC3 to the list. The Internet Crime Complaint Center, as its name implies, handles complaints tied to cybercrime such as hacking, online extortion, identity theft, etc.

Reveton typically makes its way onto computers via drive-by-downloads, or is downloaded by other malware already on the system (the Citadel Trojan is known to download Reveton). Upon infection, Reveton will freeze the system and present the user with a message accusing them of breaking U.S. federal law by accessing child pornography or other equally disturbing content.

According to the warning message, in order to avoid prosecution by IC3 and regain access to their files, users must submit payment via MoneyPak or UKash within 72 hours.

It's important that users understand that this message is NOT a legitimate warning from the IC3, and users should NOT submit payment.

Here’s a screenshot of the message displayed by the new variant:

Reveton IC3 Message


You have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article I, Section 8, Clause 8, also known as the Copyright of the Criminal Code of United States of America. Article I, Section 8 of the Criminal Code provides for a fine of two to five hundred minimal wages or a deprivation of liberty for two to eight years.

You have been viewing or distributing prohibited Pornographic content (Child port, Zoofilia, etc.) this violating article 202 of the Criminal Code of the United States of America. Article 202 of the Criminal Code provides for a deprivation of liberty for four to twelve years.

Pursuant to the amendment to the Criminal Code of the United States of America of May 28, 2011, this law infringement (if it is not repeated – first time) may be considered as conditional in case you pay the fine to the State.

Fees may only be paid within 72 hours after the infringement. AS soon as 72 elapse, the possibility to pay the fine expires, and a criminal case is initiated.

If you see this page, do NOT send payment!

Keep Your PC Reveton-Free

  • Keep your operating system and installed third-party software, especially Adobe Flash, Adobe Acrobat & Java, fully patched & up-to-date.

  • Do not download files or click links attached to emails from unknown or untrusted sources.

  • Always run antivirus & anti-malware software.

Did Your PC Get Infected by Reveton?

If Reveton has already snuck its way onto your PC, then here are some tools that may help remove the infection:

[via IC3]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

No comments:

Post a Comment