To unlock the computer, the user is instructed to pay a fine to the U.S. Department of Justice using a prepaid money card service. The geographic location of the user’s IP address determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.
This is an attempt to extort money with the additional possibility of the victim’s computer being used to participate in online bank fraud. If you have received this or something similar, do not follow payment instructions. Infected computers may not operate normally. If your computer is infected, you may need to contact a local computer expert for assistance to remove the malware.
It is suggested that you:
- File a complaint at www.IC3.gov. Look for updates about the Reveton virus on the IC3 website.
- Seek out a local computer expert to assist with removing the malware.
- Do not pay any money or provide personal information.
- Be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background. Certain types of malware have been known to capture personal information such as user names, passwords, and credit card numbers through embedded keystroke logging programs.