Metropolitan Police issue warnings about ransom malware

Viruses aren't going to disappear overnight, and their different variants are only going to evolve and be improved upon. Yet even with all the viruses kicking around, they rarely get coverage from authorities.

Ransomware is one of the flavors of virus you could discover, and the name says plenty. It restricts access to your computer and will demand cash to remove the restrictions. If you've ever installed a fake antivirus, that's a prime example of ransomware.

It's called Antivirus Pro. You know it's legit when it's called Pro!

The Metropolitan Police got round to issuing warnings about ransomware just recently, encouraging people not to fall for the deceptive tricks on display.

Most forms of ransomware arrive when you navigate to an infected webpage and either knowingly install a file or are hit by a 'drive-by download', where the file downloads without your consent. In either case you'll get a less-than-convincing error message and some restrictions applied.

The official Metropolitan Police warning reads as follows:

"We would advise anyone who has been deceived by such a message and parted with any money to report the offence to their local police by dialling "101" or your local police. Virus/Malware infections where no money has been lost can be logged at www.actionfraud.org.uk/report_fraud."

If you've ever been in a situation where you've installed ransomware, now is the time to act against it. Since these attacks are either growing more popular among hackers or the police have only just heard about them, it's worth logging them. Many people might not be savvy enough to know when to leave a webpage or scan their computer.

Source: The Hacker News
Antivirus Pro 2010: Average Joe's Guide to Home Computing
Ransomware webpage: The Hacker News

14 Comments

Seen it plenty of times (but a Belgian police variant). Some variants are detected by antivirus programs, last week I had one which at that point was undetected by 40+ antivirus programs.

It's not such a big pain to remove. Usually 10 minutes max.

Been looking to block exe's running from the aforementioned Appdata/local directory (using Kaspersky - since I don't want to mess with rights etc), but as far as I know, it's not possible.

To release a lock your computer...

So many bad mistakes in this message that anyone falling for it must be dumb.

I've been removing this pos from systems for a good 2 months now at least. It's fairly OK to deal with, just reboot into safe mode and remove it either with HitmanPro or Malwarebytes.

laserfloyd said,
I had one hit me a couple of nights ago. Was particularly annoying. Malwarebytes took care of it.

Did you figure out how it "hit you"? Usually via a vulnerability somewhere on your system. May want to check your Adobe Reader, Java and Flash.

I've only ever seen this on customers' PCs with an outdated version of Java. Coincidence? I think not!

warwagon said,

Did you figure out how it "hit you"? Usually via a vulnerability somewhere on your system. May want to check your Adobe Reader, Java and Flash.

Just reading it should tip anyone off....

"Moreover and e-mail spam was sent you're your computer, e-mails containing terroristic materials"

I had some users that had the "warnings" from the FBI. They had to go to CVS, Walgreens, or 711 to pay their fine.

A lot of those ransom malware are a single exe file in the appdata/roaming directory. In the case of the FBI one it's in the local /temp directory and adds an entry to start / programs / startup. A safe mode scan removes that. Some also come with MBR rootkits. Kaspersky Rescue CD is a good one to tell you if you have one of those.
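
As an added example (not part of the article or of any comment), here is a defender's triage in Python of the locations the comment above names: loose executables in AppData/Roaming and the local Temp folder, plus anything in the per-user Startup folder. It assumes the Windows Vista-and-later profile layout; the function names and the sample profile are constructed for illustration, and findings are leads for manual review, not verdicts.

```python
import tempfile
from pathlib import Path

# Paths relative to a user profile root (Windows Vista and later layout, an assumption).
LOOSE_EXE_DIRS = ["AppData/Roaming", "AppData/Local/Temp"]
STARTUP_DIR = "AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup"

def is_pe(path):
    try:
        with path.open("rb") as fh:
            return fh.read(2) == b"MZ"  # PE magic, whatever the extension says
    except OSError:
        return False  # locked or unreadable file: skip it rather than crash

def triage_profile(profile):
    """Return (reason, path relative to profile) pairs worth a manual look."""
    findings = []
    for rel in LOOSE_EXE_DIRS:
        folder = profile / rel
        # Heuristic: direct children only, installed software normally has a subfolder.
        for entry in sorted(folder.iterdir()) if folder.is_dir() else []:
            if entry.is_file() and is_pe(entry):
                findings.append(("loose executable", entry.relative_to(profile).as_posix()))
    startup = profile / STARTUP_DIR
    for entry in sorted(startup.iterdir()) if startup.is_dir() else []:
        if entry.name.lower() != "desktop.ini":  # normal shell metadata file
            findings.append(("startup entry", entry.relative_to(profile).as_posix()))
    return findings

def build_sample_profile(root):
    """Constructed sample data: every file name and content here is made up."""
    files = {
        "AppData/Roaming/svc_update.exe": b"MZ\x90\x00",     # loose PE: flagged
        "AppData/Roaming/notes.txt": b"hello",               # not a PE: ignored
        "AppData/Roaming/Vendor/app.exe": b"MZ\x90\x00",     # in a subfolder: ignored
        "AppData/Local/Temp/invoice.tmp": b"MZ\x90\x00",     # PE behind .tmp: flagged
        STARTUP_DIR + "/svc_update.lnk": b"L\x00\x00\x00",   # startup entry: flagged
        STARTUP_DIR + "/desktop.ini": b"[.ShellClassInfo]",  # ignored
    }
    for rel, data in files.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for reason, rel in triage_profile(build_sample_profile(Path(tmp))):
            print(f"{reason}: {rel}")
```

On a real machine, pass the profile directory (for example the value of `%USERPROFILE%`) to `triage_profile` from safe mode or an offline boot disk, since an MBR rootkit of the kind mentioned above will not show up in a file listing.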

I've had quite a few customers give money to them. Plus the famous story about the one woman who tried all 3 of her credit cards including her husband's.

Been removing this from clients' computers for the last two months, bit of a pain to get rid of tbh, average joe won't have a clue, same with the telephone scammers that phone up and pretend to be MS and get them to install LogMeIn and take control of their comp...