It’s alarming to get a message from the U.S. Department of Justice, so imagine what it would be like to get a message from the DoJ’s intellectual property website saying it is holding your computer hostage until it gets payments. Well, some people don’t have to imagine, because it’s happened to them. The Citadel malware is delivering ransomware called Reventon to computers through a very official looking website in an attempt to steal people’s money. Users may want to look to block applications susceptible to getting this type of malware, as it could end up being nasty to get rid of.
The warning on this threat comes from the Internet Crime Complaint Center, which says victims are lured to a “drive-by download” website to have the ransomware installed on their computer. After this point, the computer seizes up and accuses the user of visiting websites with illegal content, such as child porn.
“To unlock their computer the user is instructed to pay a $100 fine to the U.S. Department of Justice, using prepaid money card services,” IC3 says in its warning. “The geographic location of the user’s IP address determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.”
PC World said people have to be careful with what they click on online to avoid things like this. If someone is unfamiliar with a link or it looks fishy, it should be completely avoided and blocked. Common sense strategies like this can help keep your computer much safer, with sophisticated malware lurking around the wilder – and not so wild – precincts of the web.
The DoJ has been having some other problems as of late tool. CSO Online reports that Anonymous claims it hacked the department and accessed 1.7 GB of data.
“We are releasing data to spread information, to allow the people to be heard and to know the corruption in their government,” Anonymous said in its statement, according to the website. “We are releasing it to end the corruption that exists, and truly make those who are being oppressed free.”
The DoJ is a trusted branch of the government, but even this venerable institution may have fallen victim to a cyberattack. This goes to show that everyday users need to invest in security solutions and watch out for what they click on, even if it is (or seems to be) coming from a trusted place.
Have you ever been a drive-by download victim? How did you recover? Let us know!