Citadel trojan uses child porn scare to extort cash

Share this article:

The banking trojan Citadel, which is a variant of the insidious Zeus malware, now is being used to trick users into believing they have violated U.S. law and must pay a fine to unfreeze their computers, according to federal task force warning issued Wednesday.

Victims are lured into visiting a drive-by download site, which installs what is known as scareware, said an alert from the Internet Crime Complaint Center, which is made up of the FBI, National White Collar Crime Center and Bureau of Justice Assistance.

This scam software, dubbed Reveton, freezes the user's computer and prompts a pop-up that falsely informs the user they have violated federal law by visiting child pornography sites. To unlock their computer, victims are told they must pay a $100 fine to the U.S. Department of Justice.

The malware authors leverage the user's IP address to offer them online payment methods which they are familiar with and work in their country.

In the meantime, Citadel, which uses a social networking-type structure so its purveyors can communicate, remains on the victim's machine and is capable of stealing banking credentials.

Share this article:

Sign up to our newsletters

More in News

In Cisco probe, misuse or compromise spotted on all firms' networks

In Cisco probe, misuse or compromise spotted on ...

Cisco analyzed the business networks of 30 multinational companies last year, and revealed the findings in its 2014 Annual Security Report.

Fareit trojan observed spreading Necurs, Zbot and CryptoLocker

The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.

Post Heartbleed, tech giants join initiative to bolster open source

Post Heartbleed, tech giants join initiative to bolster ...

The newly formed Core Infrastructure Initiative, created to boost under-funded open source projects, will tackle OpenSSL first.