Wednesday, 6 March 2013

Know the Enemy – Identifying & Removing the FBI Virus

What is the FBI Virus?

Also known as Reveton ransomware, the FBI virus is a form of malware - malicious software that criminals install on your computer without your consent. It provides criminals with the ability to freeze your computer from a remote location. Your computer screen is then filled with a pop-up window displaying a warning that your computer is locked by a local law enforcement agency, such as the FBI or Metropolitan Police, please read how to remove FBI Moneypak virus.

It demands that you pay a fine, claiming that you and your computer have been involved in illegal activities, such as the downloading and sharing of copyrighted files. New versions of the virus can activate your webcam and take a picture of you to display alongside the warning. Some versions now contain a dynamic configuration module which allows the hacker real time control of your browser. They can use this to create interactive pop-up boxes and responsive forms that request further personal information, such as your bank details and date of birth.




How does the FBI Virus work?

The main strategy behind the FBI virus is scare tactics and holding the victim’s computer to ransom. By persuading the victim that they are in serious trouble with the authorities the attackers hope to gain not just a one off payment but also intimidate the victim into providing payment details and other personal information. If the victim does comply and pays the fine as requested, this does not mean that the virus will be removed– the lock out screen may remain or the virus may appear to be removed but instead go into hiding and exploit other vulnerabilities using a wide range of malicious tactics.

It may be easy to assume as a knowledgeable, and security conscious, computer user that you would immediately identify this as a virus and not fall prey to ransomware. However the screenshots and tales circulating the internet show this to be convincing and threatening. By displaying an image of the victim on their screen or creating responsive pop-up boxes it becomes even more intrusive and damaging than simply locking the victim out of their computer. Even if the victim is aware that this was a scam, and not actually the FBI, the feeling of a hacker having control of your computer, capturing an image of you using your own technology and live communicating with you through a pop-up box could be considered akin to a burglar physically breaking into your home.

Detecting Infection

The FBI virus is usually installed when you click on a malicious attachment in an email or when you click on a malicious link in an instant message, email or a message on a social networking site. It could even be installed when you unknowingly pay a visit to a malicious website. When your computer becomes infected with the virus, your personal material and computer system’s functionality are put at risk. If your infected computer is switched on and connected to the Internet, the virus will have complete control over your computer and all of the data stored on it.

In addition to presenting you with an “official” warning on your frozen computer system, the FBI virus is likely to bring less obvious malware. It has been reported by the, genuine, FBI that Reveton malware is being combined with Citadel, an advanced and powerful malware that is particularly difficult to remove. If you believe that your computer has been infected by a malicious program, you should run a full system scan using trusted antivirus software.

Removing the FBI Virus

To remove the FBI virus and other types of malicious software that may be installed on your computer, you will need to have an up-to-date antivirus program on your computer. While it may be possible for you to manually remove the FBI virus, and there are several sites including this one which provide instructions on how to do this, this could result in permanent damage to your system, particularly if you are not completely confident in how to go about this.

Thus, manually removing the FBI virus is only recommended if you are confident in your ability and willing to sacrifice everything should it go wrong. For the majority of cases total removal of the FBI virus, and possibly Citadel malware, requires reinstalling your operating system from a rescue disc or master boot record. Hopefully you will be have been vigilant in your scheduled data backups and won’t suffer too much loss. It is important to remember that this virus, or any form of ransomware or malware, could have gained access to your passwords. Once you have successfully cleared your computer of infection you should ensure your accounts have not been compromised and change all passwords to something completely new, unique and, hopefully, uncrack-able. If you don't know how to create a strong password, please read this article.

Preventing FBI Virus Infection

As we all know the best cure for anything is prevention. In order to prevent infection from the FBI virus or any other form of malware, it is advised to avoid clicking on links to suspicious websites, opening spam email messages, visiting adult websites or downloading and using pirated software. It is also strongly recommended to install a reputable antivirus program, such as Kaspersky, on all your internet-enabled devices. Take the time to make a rescue disc or USB drive; you never know when you might need it.

No comments:

Post a Comment