FBI – Your PC is Blocked
Another addition to the list of ransom software is one that mimics the Federal Bureau of Investigation (FBI). AVG uncovered this malware and believes that it is distributed through the Blackhole exploit kit. This malware can enter the computer through security holes that attackers may discover on a target computer. Once inside the system, the malware will lock the desktop and display a message that purports to be from the FBI. It threatens legal action against the user for violating copyright laws by illegally using or distributing copyrighted content.
The message demands that the user pay a $100 penalty for this offense through MoneyPak, a payment system that allows a user to buy credit from any partner convenience store and use the value to make purchases online. This payment method makes it obvious that the FBI is not in any way connected to this fraudulent activity. Most of the text on this ransom page is copied from previous ransom malware that belongs to the same group.
Part of the message that appears on this fake copyright violation page reads:
Federal Bureau of Investigation
Location: United States
IPS: GTS Central Europe
Your PC is blocked due to at least one of the reasons specified below.
You have been violating Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article I, Section B, Clause 8, also known as the Copyright of the Criminal Code of United States of America.
It is believed that there are several variants of this FBI virus. Security experts from Symantec categorized this group as Trojan.Ransomlock.R. Thus, you may use Symantec’s removal procedure to stop the FBI virus from blocking your PC.
There is a more recent version of the FBI PC Blocking virus. Its authors either added Ultimate Game Card as a payment method or replaced the previous method with it. Please see the screenshot below.
Technical Details and Additional Information:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7