Monday 8 October 2012

FBI Moneypak Virus - Win32 : Revaton or Reveton


FBI Moneypak Virus: a name that has become common in recent days among computer users in the United States.



In 2012, a major ransomware worm known as Reveton or Revaton or Win32/Revaton, also nicknamed the "Police Trojan", began to spread. Based on the Citadel trojan (which is itself based on the Zeus trojan), its payload displays a warning purportedly from a law enforcement agency, claiming that the computer has been used for illegal activities such as downloading pirated software. The warning informs users that to unlock their system, they have to pay a fine using a voucher from an anonymous prepaid cash service such as Ukash or Paysafecard. To strengthen the illusion that the computer is being tracked by law enforcement, the screen also displays the computer's IP address, while recent versions can also purportedly show footage from the computer's webcam to suggest that the user is being recorded by law enforcement.

Revaton's payloads are localized, displaying the names and logos of local law enforcement agencies. Variants that targeted the United Kingdom included ones branded as being from the Metropolitan Police Service, the collection society PRS for Music (which specifically accused the user of illegally downloading music), and the Police National E-Crime Unit. In a statement warning the public about the malware, the Metropolitan Police clarified that they would never lock a computer in such a way as part of an investigation.

Reveton initially began spreading in various European countries in early 2012. In May 2012, Trend Micro threat researchers discovered templates for variations for the United States and Canada, suggesting that its authors may have been planning to target users in North America. A Norwegian version exists. By August 2012, a new variant of Reveton began to spread in the United States, claiming to require the payment of a $200 fine to the FBI using a MoneyPak card.


FBI MoneyPak Virus -  Screenshot by DiGiMan
FBI MoneyPak Virus - Win32/ Revaton or Reveton


The FBI MoneyPak virus has many user interfaces; most of them display the computer's IP address to make users believe the warning. Sometimes it appears under the name of United States Cyber Security. Almost all variants of this malware block the whole screen of the computer once users log into their user account. In most cases it won't even allow us to kill its process from Task Manager. In fact, we can't even open Task Manager by pressing "CTRL+ALT+DEL".

Removing this malware is pretty simple; for that, please read the next blog post. It is my time to sleep. See ya.
















mirror at: http://www.bigbangnerd.com/2014/06/fbi-moneypak-virus-win32-revaton-or.html
