Child Pornography, FBI, 48 Hours, $200
sums it up pretty nicely.
The victim was attacked by a variant of the reveton
virus delivered by and with Citadel Malware. Reveton viruses
are what is called Ransomeware.
Ransomware is malicious software that locks you out
of your computer, or your data, and demands money to let you
back in. Citadel Malware intends to use the victim's computer
in online bank fraud
Reveton lures the victim to a drive-by download
website, at which time the ransomware is installed on the user's
Used to be you had to open an attachment, run
an attached program, or unzip a file. This gave us a time to think,
to back out, or was just too much hassle to be bothered with.
Social networking sites like YouTube, FaceBook, and
Pinterest let you email what you think is cool to other people
sending nothing more than a subject and a link. We're very used to
getting these types of email. Click the link, and you're
Once infected, the computer freezes displaying a
warning the user has violated United States federal law. The
message further declares the user's IP address has been identified
by the Federal Bureau of Investigation as visiting websites that
feature child pornography and other illegal content and threatens
criminal proceedings within 48 hours.
Reveton disables your computer. No Start Menu, no
Desktop Icons, Task Manager is disabled, nothing but a screen
threatening you with FBI charges for surfing child pornography
unless you pay the ransom.
The ransom should be paid to the U.S. Department of
Justice (in Russia) using a prepaid money card service. The
geographic location of the user's IP address determines what
payment services are offered.
In addition to reveton, the Citadel malware operates
on the compromised computer and can be used to commit online
banking and credit card fraud.
The real FBI, at WWW.FBI.GOV has a little
something to say about all this. Supervisory Special Agent
Herbert Stapleton writes "The FBI will never insist that you
need to pay a fine to the FBI to unlock it. That's not a law
enforcement tactic. So don't provide any money, don't provide any
personal information if your computer is locked up by this type of
The FBI's next statement surprised me very much,
they recommend a technique that is so radical, so unspeakable, that
if I didn't have the backing of the FBI I wouldn't dare write it.
The FBI says, and I quote, "Contact a computer professional to
remove the malware from your computer and make sure that it's fully
removed and there are no lingering effects.".
Usually contacting a computer professional isn't
even considered until the 12 year old nephew who's "good with
computers", the beer guzzling brother-in-law, son who's a
"big shot" with some company that sells floppy disks,
every co-worker with nothing better to do, and of course, the
pimple faced teens of Squeak Squad have had a chance to muck things
up. At which point the victim is out hundreds of dollars and still
dead in the water, like they have been for a week, and is declaring
an emergency that I am expected to respond to immediately and
without compensation, at their convenience, while their dog
persistently tries humping my leg.
It seems the FBI takes this kind of thing
personally, not the leg humping, I have no idea how the FBI feels
about that, but maybe the use of "Federal Bureau of
Investigation" has ticked them off because they
write, "If you're a victim of this virus, report it to
the Internet Crime Complaint Center, or IC3, at www.ic3.gov. The
IC3 is a partnership between the FBI and the National White-Collar
Crime Center.", so there bad guys!
out! http:www//lets.get.infected.com, or not, but that's
your call, and that's Cocktail Talk.