Tag Archive | malware

FBI ALERT!!! Citadel Malware still on the loose

Directly From the FBI:

Citadel Malware Continues to Deliver Reveton Ransomware in Attempts to Extort Money

11/30/12—A new extortion technique is being deployed by cyber criminals using the Citadel malware platform to deliver Reveton ransomware. The latest version of the ransomware uses the name of the Internet Crime Complaint Center to frighten victims into sending money to the perpetrators. In addition to instilling a fear of prosecution, this version of the malware also claims that the user’s computer activity is being recorded using audio, video, and other devices.

As described in prior alerts on this malware, it lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States Federal Law. The message further declares that a law enforcement agency has determined that a computer using the victim’s IP address has accessed child pornography and other illegal content.

To unlock the computer, the user is instructed to pay a fine using prepaid money card services. The geographic location of the user’s PC determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.

This is not a legitimate communication from the IC3, but rather is an attempt to extort money from the victim. If you have received this or something similar do not follow payment instruction.

It is suggested that you:

  • File a complaint at http://www.IC3.gov;
  • Keep operating systems and legitimate antivirus and antispyware software updated; and
  • Contact a reputable computer expert to assist with removing the malware.

FBI – E-mail Scam using Screen Freeze

The FBI has reported that a new email scam is using the Citadel platform to deliver ransomware named Reveton.

  1. The ransomware lures the victim to a drive-by download website.
  2. The ransomware is installed on the user’s computer.
  3. Once installed, the computer freezes.
  4. A screen is displayed warning the user they have violated United States federal law.
  5. The message further declares the user’s IP address has been identified by the Federal Bureau of Investigation as visiting websites that feature child pornography and other illegal content.
  6. To unlock the computer, the user is instructed to pay a fine of $1,000.00 to the U.S. Department of Justice.
  7. The fine is to be paid using a prepaid money card service.
  8. The geographic location of the user’s IP address determines what payment services are offered.
  9. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.

The malware stays on your laptop/computer, gathers your personal banking info, and then does even more damage to you through fraudulent financial acts.

If you’ve been a victim, or if you receive unsolicited e-mail offers or spam, you can forward the messages to the Federal Trade Commission at spam@uce.gov.

As Always, Stay Informed …

ALERT!!! FBI says Check Computer Infected – DNS change software?

Hi Everyone, please read the following from the FBI.

I’m sure pretty much everyone received it, but if not … at least you can reference it here.

DNS – Domain Name System – is an Internet service that converts user-friendly domain names, such as http://www.fbi.gov, into numerical addresses that allow computers to talk to each other. Without DNS and the DNS servers operated by Internet service providers, computers would not be able to browse web sites, send e-mail, or connect to any Internet services.

Criminals have infected millions of computers around the world with malware called DNSChanger which allows them to control DNS servers. As a result, the cyber thieves have forced unsuspecting users to visit fraudulent websites and made their computers vulnerable to other kinds of malicious software.

Check your computer’s DNS settings. If you’re a victim of the DNSChanger malware, you can register with the FBI at this link here: https://forms.fbi.gov/dnsmalware

Learn about DNSChanger malware and how it can affect your computer (PDF) at this link here: http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf

As Always, Stay Informed …

Bob
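
The DNS settings check recommended in the DNSChanger post above can be scripted. This is an added example, not part of the original post or the FBI's material; the function names and sample inputs are constructed, and the ranges are placeholders to be replaced with the rogue DNS server ranges listed in the FBI's PDF.

```python
import ipaddress

# PLACEHOLDER ranges (RFC 5737 documentation blocks), not real indicators.
# Replace with the rogue DNS server ranges given in the FBI's DNSChanger PDF.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]

def _to_ip(token):
    """Parse a token as an IP address; return None if it is not one."""
    try:
        return ipaddress.ip_address(token.split("%")[0])  # drop IPv6 zone id
    except ValueError:
        return None

def resolvers_from_resolv_conf(text):
    """Nameserver addresses from resolv.conf-style text (Linux, macOS)."""
    found = []
    for line in text.splitlines():
        fields = line.split("#")[0].split()  # ignore comments
        if len(fields) >= 2 and fields[0] == "nameserver":
            ip = _to_ip(fields[1])
            if ip is not None:
                found.append(ip)
    return found

def resolvers_from_ipconfig(text):
    """DNS servers from Windows `ipconfig /all` text, with continuation lines."""
    found, in_dns = [], False
    for line in text.splitlines():
        label, sep, value = line.partition(":")
        is_label = bool(sep) and "DNS Servers" in label
        ip = _to_ip(value.strip() if is_label else line.strip())
        in_dns = is_label or (in_dns and ip is not None)  # bare IP lines continue the list
        if in_dns and ip is not None:
            found.append(ip)
    return found

def flag_rogue(resolvers, ranges=ROGUE_RANGES):
    """Return the resolvers that fall inside any listed range."""
    return [ip for ip in resolvers if any(ip in net for net in ranges)]

# Constructed sample inputs (not captured from a real machine).
SAMPLE_RESOLV = "# constructed sample\nnameserver 192.0.2.53\nnameserver 10.0.0.1\n"
SAMPLE_IPCONFIG = ("   DNS Servers . . . . . . . . . . . : 10.0.0.1\n"
                   "                                       198.51.100.7\n"
                   "   NetBIOS over Tcpip. . . . . . . . : Enabled\n")
if __name__ == "__main__":
    ips = resolvers_from_resolv_conf(SAMPLE_RESOLV) + resolvers_from_ipconfig(SAMPLE_IPCONFIG)
    for ip in flag_rogue(ips):
        print(f"resolver {ip} is inside a listed rogue range")
```

A resolver that is a private address, such as a home router, only forwards queries, so the DNS servers configured on the router itself need the same check.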