Have you heard of Ransomware? You don’t want it. But if you get it, don’t pay the ransom!
What is ransomware?
Ransomware is malicious software which holds a computer, or the data it contains, hostage by demanding a ransom (http://en.wikipedia.org/wiki/Ransomware_%28malware%29). It started out in Russia, spread through Eastern Europe, and started showing up here in North America recently. Antivirus programs recognize it as the Reverton Trojan. You recognize is as the “Fake FBI” or “Fake RCMP” warning.
This ransomware is disgustingly clever. It figures out where in the world you are and displays a page that pretends to be from a law enforcement agency in your area. Americans see the FBI warning. Canadians see a CSIS or RCMP warning.
The page blocks access to your computer. It says that your computer has been used for some nefarious purpose --- sometimes downloading pirated movies or software, or sometimes viewing pornography. You’re informed that you can get the computer unlocked by paying a fine, and conveniently offers you a way to do that. A really creepy variant of this really creepy scam TALKS to you. (Video here: http://youtu.be/ZAAwVLEaNLE.)
What should I do if I see a page like that?
If you find your computer has been compromised by this malicious software, turn it off and leave it off until you are prepared to remove the Reverton trojan. If you leave it on, things will get worse. If you’re not experienced with cleaning infected computers, get professional help. If you’re experienced enough to remove it on your own, don’t quit looking for malware when you get rid of Reverton. If left to its own devices, Reverton will allow all kinds of other harmful stuff in.
When you are sure you’ve removed everything bad completely, change any passwords that have anything to do with banking, credit cards, or anything connected to a credit card like an Apple ID or an Amazon account. Keep your eye on your credit cards and your bank accounts, watching for unusual and unauthorized activity. Alert your bank or credit card company if you see something wrong.
I don’t want to get this! What can I do to protect my computer?
You can protect your computer from becoming infected by making sure you have a good antivirus product running all the time and doing a daily scan, and by supplementing that with a second, different kind of product like Malwarebytes (http://www.malwarebytes.org/) or Superantispyware. No one product, no matter what it is, can catch everything bad out there. It’s also absolutely critical to make sure Windows is up to date, that your FlashPlayer is up to date, and your Java is up to date and/or disabled. (See last week’s column for more on Java exploits: http://rlis.com/columns/column388.htm.)
If you want to know more about this miserable piece of malware, here are some excellent resources:
- Beware Ransomware http://www.pcmag.com/article2/0,2817,2414321,00.asp
- Ransomware scammers push panic button http://www.computerworld.com/s/article/9235040/Ransomware_scammers_push_panic_button_with_bogus_claims
- New Police Ransomware Claims Fake Treaty Among AV Vendors and Police http://blog.trendmicro.com/trendlabs-security-intelligence/new-police-ransomware-claims-fake-treaty-among-av-vendors-and-police/
Do you need help with your computer? I'm here to help you and your home or business computer get along!
Cate Eales runs Computer Care Kelowna (http://computercarekelowna.com/) a mobile service helping home users and businesses get along with their computers. To arrange an appointment phone her at 250-764-7043. Cate also welcomes your comments and suggestions. Send email to [email protected].
You can read previous columns here: http://rlis.com/column.htm . If you'd like to subscribe to this column by email, please visit this link: http://www.feedblitz.com/f/f.fbz?Sub=20618 . It's easy, and free. If you'd prefer the RSS Feed, click here: http://rlis.com/rlis.xml.