Copyright violation alert ransomware in the wild

Page 1 of 2 12 LastLast

  1. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
       #1

    Copyright violation alert ransomware in the wild


    April 12th, 2010

    Copyright violation alert ransomware in the wild

    Posted by Dancho Danchev @ 7:02 am



    A currently ongoing ransomware campaign is using a novel approach to extort money from end users whose PCs have been locked down.

    By pretending to be the fake ICPP Foundation (icpp-online.com), the ransomware locks down the user’s desktop issuing a “Copyright violation: copyrighted content detected” message, which lists torrent files found on the infected PC, and forces the user to pay $400 for the copyright holder’s fine, emphasizing on the fact that “the maximum penalties can be five years in prison and up to $250,000 in fines.

    More details on the campaign:


    Upon execution the ransomware will change the Desktop’s wallpaper to the “Warning! Piracy detected!” background.
    More at: Copyright violation alert ransomware in the wild | Zero Day | ZDNet.com
      My Computers


  2. NoN
    Posts : 4,166
    Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
       #2

    You"ll have to be dumb to pay that amount...right away.

    I guess manies are knowing it is barely impossible such thing happens to force you to pay before any policemen investigations break your front door!

    "Money, always that damn money!"
      My Computer


  3. Posts : 123
    WinXP / Win 7 / Win 8.1 64bit Dual Boot
       #3

    Scammers


    First clue would be that the creators of this warning message don't know how to spell. Incorrect spelling is a pretty good clue to a scam.
    Receive and Received is misspelled.
    my .02 worth
      My Computer


  4. Posts : 17,322
    Win 10 Pro x64
       #4

    hoganth said:
    First clue would be that the creators of this warning message don't know how to spell. Incorrect spelling is a pretty good clue to a scam.
    Receive and Received is misspelled.
    my .02 worth
    Good eye hoganth, Good point too.
    I certainly wouldn't give up any money that easy either.
      My Computer


  5. Posts : 310
    Windows 7 Home Premium 64-bit
       #5

    makes note to ban my kid off computer...
      My Computer


  6. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
    Thread Starter
       #6

    A friend just asked for help when some bogus av program locked him out of the desktop and actually created a new admin account on the older XP build. I;ve tried getting him to watch the things he clicks on to no avail. A separate system rescue program had to downloaded to a flash drive and copied onto the infected system with that booted in safe mode just to copy the file over to the main drive.

    The bogus av claimed all things were infected and he had to buy the full version of ... what? No trial was on and no program in the add/remove either. Fortunately he was able to get the rescue program running when rebooting with a normal startup and saw the I-Worm type hoax removed! The new admin account vanished as well once the bug was off.

    All this shows people have to stay onguard for all types of gimics to infect pcs or scam people out of their incomes! The opportunists lurk in the shadows or under false guises to beware of!
      My Computers


  7. Posts : 11,990
    Windows 7 Ultimate 32 bit
       #7

    I hope he learned from this.
      My Computer


  8. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
    Thread Starter
       #8

    Maybe? Most likely not however! At first a drive wipe was being pondered due to the volume of bugs thought to be on the 4yr. old installation. Surprizingly the rescue program cleaned not only the bogus av program but numerous other adbots and whatever as it ran.

    A few years back if I recall there was some bogus virus alert that claimed your hard drive would be ruined if it got on making the drive useless. Obviously another form of scam being seen then to get people to buy some software! This is why you always double check any offers and look for a main home site before even pressing any upgrade to buy option to avoid being taken in!
      My Computers


  9. NoN
    Posts : 4,166
    Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
       #9

    Night Hawk said:
    A friend just asked for help when some bogus av program locked him out of the desktop and actually created a new admin account on the older XP build. I;ve tried getting him to watch the things he clicks on to no avail. A separate system rescue program had to downloaded to a flash drive and copied onto the infected system with that booted in safe mode just to copy the file over to the main drive.

    The bogus av claimed all things were infected and he had to buy the full version of ... what? No trial was on and no program in the add/remove either. Fortunately he was able to get the rescue program running when rebooting with a normal startup and saw the I-Worm type hoax removed! The new admin account vanished as well once the bug was off.

    All this shows people have to stay onguard for all types of gimics to infect pcs or scam people out of their incomes! The opportunists lurk in the shadows or under false guises to beware of!
    He he he...that's is not a new one from hoax...it happens once to me back in the early XP and i had hard time as the seller repair shop had too...he had to change me the infected machine after six month to a new one. It has cost them a fortune during all the warranty time and luckily they couldn't blame me as i had paid the Norton Software pre-installed for the year warranty.
      My Computer


  10. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
    Thread Starter
       #10

    When you looked at the name of the phony program it was newer then the PCVirus2009 hoax now being called System Protect trying trick people by borrowing the name of an actuall freeware program by the same name. Only the real program is seen in the Control Panel and offers the uninstall option as well.

    Wait a few more months and some other name will appear! This is why playing it smart by first looking anything new first to get the facts before installing it can save you a world of hurt later!
      My Computers


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 03:38.
Find Us