Ransomware Holds Computers Hostage, Demands Payment

By Carlton Purvis

Hackers are using a virus that disguises itself as a message from the FBI to extort money from computer users. The FBI is calling it “ransomware.”

The Bureau issued a warning about the Reveton virus in May, but since then it has become more widespread, so on Thursday, it issued another one.

Unlike most viruses, which are embedded in files or attachments, Reveton can install itself on a PC just by clicking a malicious link on a Web site. Once infected, the computer freezes and an “FBI” message appears on the screen saying the user violated federal law.

“The bogus message goes on to say that the user’s Internet address was identified by the FBI or the Department of Justice’s Computer Crime and Intellectual Property Section as having been associated with child pornography sites or other illegal online activity. To unlock their machines, users are required to pay a fine using a prepaid money card service,” says the most recent FBI release on Reveton.

Variants of the virus can turn on computer webcams and display the victim’s picture on the frozen screen. A similar virus that has popped up in Great Britain freezes computers and requires "payment" to the West Yorkshire Police.

The message from Reveton warns that ignoring the $100-$200 fine will result in criminal charges and the computer will remain on the locked screen. See screenshots of the fake alert here and here.

People are paying the so-called fine, says Donna Gregory of the Internet Crime Complaint Center. “We are getting dozens of complaints every day,” she said. “Reveton freezes your computer and stops it in its tracks. And the average user will not be able to easily remove the malware.”

If Reveton pops up on your computer the FBI says not to pay anyone, have a computer professional remove it, and contact the Internet Crime Complaint Center.

The viruses may be collecting payment information and personal information in addition to extorting money.

screenshot by Capt' Gorgeous/flickr


View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.