Latest Reveton ransomware strain includes IC3 warning


In an ironic twist, the purveyors of extortion malware known as Reveton are using the Internet Crime Complaint Center (IC3) name to lend credibility to their attempted heists.

IC3 serves as the national clearinghouse for online complaints, including those about Reveton, and is the entity that published an alert Friday about the latest iteration of the Reveton threat.

Users typically fall victim to Reveton unexpectedly and unknowingly, through a tactic known as drive-by downloads, in which their machines are infected simply when they visit a compromised site. Once their computers are hit, they freeze up, and users are greeted with a bogus notice on the screen that claims they have violated federal law -- typically for copyright or child pornography infractions -- and that they must make a payment via prepaid money card in order to regain control of their PC.

The new variant of the ransomware works in much the same way as previous versions, except that this time, instead of the FBI, the message appears to come from IC3.

Stephen Cobb, security evangelist at anti-virus company ESET, said Reveton is a steady, but not particularly widespread, threat, likely due to the cost of distributing it. After peaking in mid-October, it currently makes up about one-tenth of one percent of the threats ESET sees from its users. By comparison, Conficker still is responsible for close to three percent of all threats.

But Reveton, which commonly is bundled with the dangerous banking trojan Citadel, is regularly being tweaked to evade detection and, once installed on a machine, is difficult to remove.

"It's being hosted on a wide range of sites," Cobb said. "If they can get a server infected somewhere, they will host it... It can be very alarming when you get it. Even if you don't fall for it [and pay the ransom], you still got a problem."
