Malware Locks Up Computer in Attempt to Extort Money

June 12, 2013
The Better Business Bureau (BBB) is warning consumers of a malware program that locks up your computer and demands you pay a fine or criminal charges will be filed.

The BBB received a call Tuesday afternoon from a local consumer whose daughter's computer was displaying a message from the "FBI" stating she had violated federal law by illegally using or distributing copyrighted content and was subject to fines of up to $100,000.

The message went on to state that a law enforcement agency had determined the computer's IP address had accessed child pornography or other illegal content, and it displayed a webcam image of the consumer's daughter in her bedroom.

Amanda Tietze, Vice President of Public Relations with the BBB, states, "The consumer was clearly upset that this message and image of her daughter popped up on her computer. She even called the local FBI division to make sure the message wasn't legitimate."

It turns out the computer is infected with the Citadel malware platform, which is designed to deliver "Reveton ransomware". The malware is downloaded onto the victim's computer when the user clicks on a compromised website. Some variants of the malware can turn on the victim's webcam and display the victim's picture on their computer. Once infected, the computer locks up and displays a message demanding ransom money to unlock it.

To unlock the computer, the user is instructed to pay a fee of $450 using a Green Dot MoneyPak Card available at many local retailers. Once the Green Dot card is obtained, the user is instructed to enter the Green Dot card's code to release the funds.

The malware first came to the attention of the FBI in 2011. Since that time, the virus has become more widespread in both the U.S. and internationally.

In addition to the ransomware, the FBI warns, Citadel malware can continue to operate on the infected computer and can be used to commit online banking and credit card fraud.

Unfortunately, there is no easy fix for this type of malware and the average computer user will not be able to fix the problem.

If you are a victim of this malware, the BBB and Internet Crime Complaint Center (IC3) offer the following advice:

  • Do not pay any money or provide personal information.
  • Contact a computer professional to remove the malware from your computer.
  • Be aware that even if you are able to unfreeze your computer on your own, the malware may still be present and operating in the background.
  • Certain types of malware have been known to capture personal information such as user names, passwords and credit card numbers through embedded keystroke programs.
  • File a complaint on the IC3 website.