Reveton is one of the most notorious pieces of ransomware. The malware is often used by cybercriminals to get unsuspecting Internet users to pay so-called fines in order to have their computer screens unlocked.
However, ThreatTrack Security researchers have spotted a variant of the Reveton malware that doesn’t lock up computer screens. Instead, it relies on a fake antivirus called Live Security Professional to help the crooks make a profit.
The rogue security application warns victims that several infections have been found on their device and advises them to “sign up in order to stay protected.” Of course, the sign-up process involves some fees.
According to experts, the threat is distributed via the Sweet Orange exploit kit.
Interestingly, the malware behaves like the well-known Reveton, but it ditches the lock screen in favor of the fake antivirus.
Additional technical details regarding this peculiar Reveton sample are available on ThreatTrack Security’s blog.