The Reveton ransomware, used in conjunction with the Citidel malware, is considered drive-by because it can infect the computer simply by the victim visiting a compromised website – no opening of files or attachments required, according to an FBI advisory.
Once the computer has been infected and locked, a bogus message says that the user's internet address has been identified by the FBI as having downloaded child pornography or engaged in other illegal online activity. To unlock their machines, victims are required to pay a “fine” using a prepared money card service.
“Some people have actually paid the so-called fine”, said Donna Gregory, with the Internet Crime Complaint Center (IC3). Established in 2000 as a partnership between the FBI and the National White Collar Crime Center, IC3 gives victims a way to report cybercrimes and provides law enforcement and regulatory agencies with a central referral system for complaints.
“We are getting dozens of complaints every day. Unlike other viruses, Reveton freezes your computer and stops it in its tracks. And the average user will not be able to easily remove the malware”, Gregory explained.
The IC3 suggests the following steps for victims of the Reveton virus: do not pay any money or provide any personal information; contact a computer professional to remove the malware from your computer; be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background; and file a complaint and look for updates about the Reveton virus on the IC3 website.