The Internet Crime Complaint Center (IC3) warns about a new Citadel malware platform that is being used to deliver ransomware named Reveton.
The malware lures the victim to a drive-by download website, at which time the ransomware is installed on the user's computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States Federal Law.
As usual, the malware threatens users by claiming that the user's IP address was identified by the Computer Crime & Intellectual Property Section as visiting child pornography and other illegal content.
To unlock their computer, the user is instructed to pay a $100 fine to the US Department of Justice using prepaid money card services. The geographic location of the user's IP address determines which payment services are offered.
In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.
This is an attempt to extort money, with the additional possibility of the victim’s computer being used to participate in online bank fraud. If you have received this or something similar, do not follow the payment instructions.
Earlier this month, Trusteer researchers discovered the same piece of malware and reported it.