Citadel trojan uses child porn scare to extort cash

Share this article:

The banking trojan Citadel, which is a variant of the insidious Zeus malware, now is being used to trick users into believing they have violated U.S. law and must pay a fine to unfreeze their computers, according to federal task force warning issued Wednesday.

Victims are lured into visiting a drive-by download site, which installs what is known as scareware, said an alert from the Internet Crime Complaint Center, which is made up of the FBI, National White Collar Crime Center and Bureau of Justice Assistance.

This scam software, dubbed Reveton, freezes the user's computer and prompts a pop-up that falsely informs the user they have violated federal law by visiting child pornography sites. To unlock their computer, victims are told they must pay a $100 fine to the U.S. Department of Justice.

The malware authors leverage the user's IP address to offer them online payment methods which they are familiar with and work in their country.

In the meantime, Citadel, which uses a social networking-type structure so its purveyors can communicate, remains on the victim's machine and is capable of stealing banking credentials.

Share this article:

Sign up to our newsletters

More in News

Research shows vulnerabilities go unfixed longer in ASP

Research shows vulnerabilities go unfixed longer in ASP

A new report finds little difference in the number of vulnerabilities among programming languages, but remediation times vary widely.

Bill would restrict Calif. retailers from storing certain payment data

The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.

Amplification, reflection DDoS attacks increase 35 percent in Q1 2014

Amplification, reflection DDoS attacks increase 35 percent in ...

The Q1 2014 Global DDoS Attack Report reveals that amplification and reflection distributed denial-of-service attacks are on the rise.