Citadel trojan uses child porn scare to extort cash

Share this article:

The banking trojan Citadel, which is a variant of the insidious Zeus malware, now is being used to trick users into believing they have violated U.S. law and must pay a fine to unfreeze their computers, according to federal task force warning issued Wednesday.

Victims are lured into visiting a drive-by download site, which installs what is known as scareware, said an alert from the Internet Crime Complaint Center, which is made up of the FBI, National White Collar Crime Center and Bureau of Justice Assistance.

This scam software, dubbed Reveton, freezes the user's computer and prompts a pop-up that falsely informs the user they have violated federal law by visiting child pornography sites. To unlock their computer, victims are told they must pay a $100 fine to the U.S. Department of Justice.

The malware authors leverage the user's IP address to offer them online payment methods which they are familiar with and work in their country.

In the meantime, Citadel, which uses a social networking-type structure so its purveyors can communicate, remains on the victim's machine and is capable of stealing banking credentials.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.