The fact that authorities have become involved shows that the number of victims is high

May 31, 2012 09:37 GMT

The FBI’s Internet Crime Complaint Center (IC3) has issued an alert advising Internet users to be on the lookout for a malicious campaign that relies on the Citadel platform to spread the Reveton ransomware.

This campaign is not new. In fact, on May 1 we published a complete description of how the scheme works. However, the fact that the FBI has gotten involved means that the ransomware has claimed a lot of victims, which is why we’ll remind everyone how to protect themselves against such threats.

The example provided by the IC3 reveals that the cybercriminals still rely on the reputation of the United States Department of Justice – Computer Crime and Intellectual Property Section to scare victims into believing that they’re actually accused of accessing illegal content.

It all starts when the unsuspecting user visits a compromised website that’s altered to serve drive-by downloads. This is when the actual ransomware is pushed onto the targeted device.

Once it finds itself on a computer, the malware locks the screen and accuses the victim of illegal online activities. In order for the machine to be unlocked, the user is instructed to pay a $100 (76 EUR) fine, allegedly to the US DOJ.

Depending on the location of the victim, determined based on his/her IP address, a number of payment options are displayed.

The fact that the computer is locked isn’t the only issue. Citadel operates in the background looking for online banking credentials that can be utilized to commit fraud.

The bottom line is that whatever you do, never pay the requested amount of money, because in most cases that will get you nowhere. Tech-savvy users can try to remove the infection by using rescue disks provided by antivirus vendors. Regular internauts can contact a specialized company.

In both cases, you are advised to contact your financial institution and file a complaint with the IC3.