Ransomware Uses Reveton to Phish Ukash and Paysafecard Credentials

Experts from Microsoft’s Malware Protection Center (MMPC) warn users to be on the lookout for schemes that rely on ransomware to steal login credentials for online payment services such as Ukash and Paysafecard.

Similar to previously seen ransomware schemes, the victims’ computers become locked, displaying a screen that accuses users, on behalf of law enforcement agencies, of accessing illegal content.

In order to unlock the device, the unsuspecting internaut is requested to pay a so-called fine via Ukash or Paysafecard.

When the user clicks on the link associated with the payment method he chooses, he/she is taken to a site that’s cleverly designed to phish account credentials, and send them back to a remote server in Russia.

Microsoft identifies the pieces of malware that fuel this scheme as Trojan:HTML/Ransom.A and Trojan:Win32/Reveton.A.

As always, there’s no guarantee that once the fine is paid the cybercriminals that run the operation will take their time to unlock the computer. And even if they do unlock it, it’s not recommended that you comply with their demands.

To protect your device against such threats, make sure that you have an up-to-date antivirus solution running in the background. Also, be careful which sites you visit and what links you click on while surfing the web.

In a large number of cases, these malicious elements are served via adult sites. That way, when the ransomware steps into play and accuses the user of accessing illegal adult content, everything seems more realistic.

If you are a victim of such schemes, try to run a full system scan from the operating system’s safe mode. If that doesn’t do the trick, try using a rescue disk provided by security solutions providers to get rid of the nasty infection.

If you must, hire a professional, but never pay the crooks for the system to be unlocked.


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.