Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Copyright violation alert ransomware in the wild


15 Apr 2010   #1

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 
Copyright violation alert ransomware in the wild

Quote:
April 12th, 2010

Copyright violation alert ransomware in the wild

Posted by Dancho Danchev @ 7:02 am



A currently ongoing ransomware campaign is using a novel approach to extort money from end users whose PCs have been locked down.

By pretending to be the fake ICPP Foundation (icpp-online.com), the ransomware locks down the user’s desktop issuing a “Copyright violation: copyrighted content detected” message, which lists torrent files found on the infected PC, and forces the user to pay $400 for the copyright holder’s fine, emphasizing on the fact that “the maximum penalties can be five years in prison and up to $250,000 in fines.

More details on the campaign:


Upon execution the ransomware will change the Desktop’s wallpaper to the “Warning! Piracy detected!” background.
More at: Copyright violation alert ransomware in the wild | Zero Day | ZDNet.com

My System SpecsSystem Spec
.

15 Apr 2010   #2
NoN

Windows 7 Professional SP1 - x64
 
 

You"ll have to be dumb to pay that amount...right away.

I guess manies are knowing it is barely impossible such thing happens to force you to pay before any policemen investigations break your front door!

"Money, always that damn money!"
My System SpecsSystem Spec
15 Apr 2010   #3

WinXP / Win 7 / Win 8.1 64bit Dual Boot
 
 
Scammers

First clue would be that the creators of this warning message don't know how to spell. Incorrect spelling is a pretty good clue to a scam.
Receive and Received is misspelled.
my .02 worth
My System SpecsSystem Spec
.


15 Apr 2010   #4

Microsoft Community Contributor Award Recipient

Windows 7 Pro 64 SP1
 
 

Quote   Quote: Originally Posted by hoganth View Post
First clue would be that the creators of this warning message don't know how to spell. Incorrect spelling is a pretty good clue to a scam.
Receive and Received is misspelled.
my .02 worth
Good eye hoganth, Good point too.
I certainly wouldn't give up any money that easy either.
My System SpecsSystem Spec
15 Apr 2010   #5

Windows 7 Home Premium 64-bit
 
 

makes note to ban my kid off computer...
My System SpecsSystem Spec
16 Apr 2010   #6

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

A friend just asked for help when some bogus av program locked him out of the desktop and actually created a new admin account on the older XP build. I;ve tried getting him to watch the things he clicks on to no avail. A separate system rescue program had to downloaded to a flash drive and copied onto the infected system with that booted in safe mode just to copy the file over to the main drive.

The bogus av claimed all things were infected and he had to buy the full version of ... what? No trial was on and no program in the add/remove either. Fortunately he was able to get the rescue program running when rebooting with a normal startup and saw the I-Worm type hoax removed! The new admin account vanished as well once the bug was off.

All this shows people have to stay onguard for all types of gimics to infect pcs or scam people out of their incomes! The opportunists lurk in the shadows or under false guises to beware of!
My System SpecsSystem Spec
16 Apr 2010   #7

Windows 7 Ultimate 32 bit
 
 

I hope he learned from this.
My System SpecsSystem Spec
16 Apr 2010   #8

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

Maybe? Most likely not however! At first a drive wipe was being pondered due to the volume of bugs thought to be on the 4yr. old installation. Surprizingly the rescue program cleaned not only the bogus av program but numerous other adbots and whatever as it ran.

A few years back if I recall there was some bogus virus alert that claimed your hard drive would be ruined if it got on making the drive useless. Obviously another form of scam being seen then to get people to buy some software! This is why you always double check any offers and look for a main home site before even pressing any upgrade to buy option to avoid being taken in!
My System SpecsSystem Spec
16 Apr 2010   #9
NoN

Windows 7 Professional SP1 - x64
 
 

Quote   Quote: Originally Posted by Night Hawk View Post
A friend just asked for help when some bogus av program locked him out of the desktop and actually created a new admin account on the older XP build. I;ve tried getting him to watch the things he clicks on to no avail. A separate system rescue program had to downloaded to a flash drive and copied onto the infected system with that booted in safe mode just to copy the file over to the main drive.

The bogus av claimed all things were infected and he had to buy the full version of ... what? No trial was on and no program in the add/remove either. Fortunately he was able to get the rescue program running when rebooting with a normal startup and saw the I-Worm type hoax removed! The new admin account vanished as well once the bug was off.

All this shows people have to stay onguard for all types of gimics to infect pcs or scam people out of their incomes! The opportunists lurk in the shadows or under false guises to beware of!
He he he...that's is not a new one from hoax...it happens once to me back in the early XP and i had hard time as the seller repair shop had too...he had to change me the infected machine after six month to a new one. It has cost them a fortune during all the warranty time and luckily they couldn't blame me as i had paid the Norton Software pre-installed for the year warranty.
My System SpecsSystem Spec
16 Apr 2010   #10

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

When you looked at the name of the phony program it was newer then the PCVirus2009 hoax now being called System Protect trying trick people by borrowing the name of an actuall freeware program by the same name. Only the real program is seen in the Control Panel and offers the uninstall option as well.

Wait a few more months and some other name will appear! This is why playing it smart by first looking anything new first to get the facts before installing it can save you a world of hurt later!
My System SpecsSystem Spec
Reply

 Copyright violation alert ransomware in the wild




Thread Tools



Similar help and support threads for2: Copyright violation alert ransomware in the wild
Thread Forum
Digitally signed ransomware lurking in the wild Security News
Copyright? Music, Pictures & Video
Copyright Violation! Evony.com Vs. Age or Empires. Gaming
Copyright Violation! Evony.com Vs. Age of Empires. Chillout Room

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 05:05 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33