Reveton Ransomware Hides Under IC3 Notification

Developers of the Reveton ransomware have changed their tactics a bit. The malware is now disguised as a notification from the Internet Crime Complaint Center (IC3). The IC3 is a government organization that is responsible for online complaints, such as those about ransomware. In fact, this organization published a report about the latest modifications of the Reveton malware last Friday.

The developers of the ransomware distribute Reveton using a tactic known as drive-by download. This means that the PC is infected in complete secrecy when the user visits a corrupted webpage. Furthermore, Reveton is often bundled with a banking virus called Citadel. Once the ransomware infects the computer, its screen becomes blocked. A notification then appears, stating that the user has committed crimes such as illegal distribution of copyrighted material or storage of child pornography.

In the old version, the message claimed to be from the FBI, whereas the updated Reveton ransomware supposedly originates from the IC3. These are the only changes that were made to the malware. As usual, the notification still demands that the user pay fines for the previously mentioned law violations using a prepaid money card. According to the warning message, this is the only solution if the user wants to regain control of the computer.

Investigations carried out by internet security companies revealed that the Reveton ransomware is not widely spread. It had its peak in the fall of 2012, and now this malware is just a minor threat compared with other viruses such as Conficker. The main reason is money, because the distribution of the virus is quite expensive. Nevertheless, Reveton is frequently updated in order to evade improving security and antivirus software. As a result, the threat is still hard to remove. Users should also keep in mind that the variety of websites which host the ransomware is huge.

