A new ransomware scam locks down its victims’ computers, attempting to convince them that child pornography has been found therein, and informs users that their machine will be unlocked only after paying a $17 (500 ruble) fine, according to a BitDefender analysis reported by MalwareCity.

The trojan, Trojan.Agent.ARVP, is currently targeting users in Russia, but a quick translation could change that, according to the report. The malware is spreading through malicious links on social networking sites right now.

Users have 12 hours to pony up the $17, before the scammers forward the (likely non-existent) child-porn to local authorities. The threat goes on to claim that if the fine remains unpaid, users’ data will be deleted, operating system uninstalled, and BIOS erased. Of course, as MalwareCity’s report claims, none of these things will actually happen, but the computer will remain locked. Paying the fine won’t do anything to change that.

The malware presents itself as a Russian language ransom note, reportedly blocking some 90 percent of the computer display. It also overwrites the Task Manager, Windows Explorer and User Init Logon, replacing them with copies of the Trojan.

The scam is a twist on older ones that use similar tactics to scare users into paying license fees or so-called fines. Other versions have popped up on mobile phones, as well.

Categories: Malware

Comment (1)

  1. Anonymous
    1

    I live in England, i regulary use adult material on my computer, i had a very similar thing, my computer locked – a police message was saying child pornographic stuff was found on my computer, i was shocked, every site i use is off google, i read it more carefully and it said they want £100 payment by UKash or it will stay locked, but when i read it a few times i could tell for sure that they were many Literacy mistakes..definately not written by an englishman…definate scam i thought, i messed around with my computer a bit and disconnected it from the internet and it dissapeared thankfully.

Comments are closed.