Home Malware Programs Ransomware FBI Cybercrime Division MoneyPak Ransomware

FBI Cybercrime Division MoneyPak Ransomware

Posted: February 10, 2013

FBI Cybercrime Division MoneyPak Ransomware Screenshot 1Although most Reveton family-based ransomware Trojans confine themselves to Europe, the FBI Cybercrime Division Virus is one of several members of that family that attack the United States. The FBI Cybercrime Division Virus's fake pop-up alert demands a heavy MoneyPak fee as compensation for such common crimes as copyright violation, but, naturally, the FBI Cybercrime Division Virus isn't affiliated with the real FBI. Like all Reveton Trojans that SpywareRemove.com malware experts have analyzed, the FBI Cybercrime Division Virus will block most applications on your PC, and should be considered to be a danger until you can remove the FBI Cybercrime Division Virus with suitable security software.

Why Landing in the Slammer Isn't What You Need to Worry About with an FBI Cybercrime Division Virus

The FBI Cybercrime Division Virus, like other Reveton-based ransomware, most likely is distributed via spam e-mail and social network-based spam that abuses Trojan droppers or links to exploit kit-hosting websites. After the FBI Cybercrime Division Virus is installed by one means or another, the FBI Cybercrime Division Virus displays a warning pop-up upon a reboot. This alert blocks your desktop and looks like a real alert from the FBI – although SpywareRemove.com malware analysts can confirm that it's just another HTML pop-up with the border removed.

Besides accusing you of trafficking in online pornography, the FBI Cybercrime Division Virus threatens you with a minimum of four years of imprisonment if you fail to pay its MoneyPak fee. Of course, since the FBI Cybercrime Division Virus isn't linked to any type of lawful authority and can't detect the crimes that the FBI Cybercrime Division Virus claims to have associated with your PC, SpywareRemove.com malware experts can't recommend paying the FBI Cybercrime Division Virus's ransom. Instead, you should delete the FBI Cybercrime Division Virus with anti-malware products, just the same as you would treat any other type of Trojan.

Why the FBI Cybercrime Division Virus's Old Scam Still Has Teeth

While the FBI Cybercrime Division Virus may seem like a relatively unbelievable scam, this isn't the first time that Reveton Trojans have targeted the US – nor even the first time they've used FBI-themed messages to do so. Closely-related ransomware Trojans include Police Central e-crime Unit (PCEU) ransomware, Poliisi, Tietoverkkorikos Tutkinnan Yksikkö Ransomware, 'Metropolitan Police Total Policing' Ransomware, Votre ordinateur est bloqué Gendarmerie Ransomware, the United Kingdom Police Ukash Virus, the 'I Suoi Archivi Sono Stati Cifrati' Trojan and the Scotlands Yard Ukash Virus.

Part of the FBI Cybercrime Division Virus's efficacy can be attributed to related attacks that may make PC users panic from how effectively the FBI Cybercrime Division Virus disrupts your normal computer usage. Side effects of an FBI Cybercrime Division Virus infection can include:

  • Being unable to access most of the Windows interface, including your desktop, shortcuts and various applications.
  • Having security-related programs and features blocked (even if they're set to launch automatically).
  • Browser hijacks that redirect your browser to unusual error pages.
  • Finally, the FBI Cybercrime Division Virus also may install other malware onto your PC, although its dominant payload remains its pop-up and associated program-blocking behavior.

Ransomware like the FBI Cybercrime Division Virus usually must be disabled before they can be deleted. SpywareRemove.com malware analysts recommend that you first attempt to deactivate the FBI Cybercrime Division Virus's startup exploit by booting your PC with the Safe Mode feature for Windows. If Safe Mode doesn't disable the FBI Cybercrime Division Virus, you should load a recovery OS onto a removable drive. Regardless of which method you prefer to use, anti-malware software is strongly recommended for removing the FBI Cybercrime Division Virus.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to FBI Cybercrime Division MoneyPak Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner*

* See Free Trial offer below. EULA and Privacy/Cookie Policy.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%AppData%\skype.dat File name: %AppData%\skype.dat
File type: Data file
Mime Type: unknown/dat

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell = "explorer.exe,%AppData%\skype.dat"

Additional Information

The following messages's were detected:
# Message
1FBI CYBERCRIME DIVISION
International Cyber Security Protection Alliance
ATTENTION! Your PC is blocked due at least one of the reasons specified below.
You have been violating Copyright and Related Rights Law. (Video, Music, Software) and illegally using or distributing copyrighted content, thus infringing Article 1, Section 2, Clause 8, also known as the Copyright of the Criminal Code of United States of America.
Article 1, Section 2, Clause 8 of the Criminal Code provides for a fine of 200 to 500 minimal wages or a deprivation of liberty for 2 to 8 years.
You have been viewing or distributing prohibited Pornographic content (Child Porn/Zoophilia and etc). Thus violating Article 2, Section 1, Clause 2 of the Criminal Code of United States of America.
Article 2, Section I, Clause 2 of the Criminal Code provides for a deprivation of liberty for 4 to 12 years.
Illegal access to computer data has been initiated from your PC, or you have been...
Article 2, Section 1, Clause 8 of the Criminal Code provides for a fine of up to 5200,000 and/or a deprivation of liberty for 4 to 9 years.
Illegal access has been initiated from your PC without your knowledge or consent, your PC may be infected by malware, thus you are violating the law On Neglectful Use of Personal Computer.
Article 2, Section 1, Clause 1 of the Criminal Code provides for a fine of up to 5200,000 and/or deprivation of liberty for 4 to 9 years.
Spam distribution or other unlawful advertising has been effected from your PC as a profit-seeking activity or without your knowledge, your PC may be infected by malware.
Article 2, Section 1, Clause 2 of the Criminal Code provides for a fine of up to 5500,000 and a deprivation of liberty of up to 6 years. In case this activity has been effected without your knowledge, you fall under the above mentioned Article 2, Section 1, Clause 1 of the Criminal Code of United States of America.
Your personality and address are currently being identified, a criminal case is going to be initiated against you under one or more articles specified above within the next 72 hours.
Pursuant to the amendment to the Criminal Code of United States of America of February 05, 2013, this law infringement (if it is not repeated – first time) may be considered as conditional in case you pay the fine to the State.
Fines may only be paid within 72 hours after the infringement. As soon as 72 hours elapse, the possibility to pay the fine expires, and a criminal case is initiated against you automatically within the next 72 hours! To unblock the computer you must pay the fine through MoneyPak of $300. When you pay the fine, your PC will get unlocked in 1 to 72 hours after the money is put into the State's account.
Since your PC is unlocked, you will be given 7 days to correct all violations.
In case all violations are not corrected after 7 working days, your PC will be blocked again, and a criminal case will be initiated against you automatically under one or more articles specified above.

SpyHunter Free Trial: Important Terms & Conditions

The SpyHunter Trial version includes, for one device, a one-time 7-day Trial period for SpyHunter 5 Pro (Windows) or SpyHunter for Mac, offering comprehensive malware detection and removal functionality, high-performance guards to actively protect your system from malware threats, and access to our technical support team via the SpyHunter HelpDesk (or the number of devices set forth in the promotional materials/purchase page). You will not be charged upfront during the Trial period, although a credit card is required to activate the Trial. (Prepaid credit cards, debit cards, and gift cards are not accepted under this offer.) The requirement for your payment method is to help ensure continuous, uninterrupted security protection during your transition from a Trial to a paid subscription should you decide to purchase. Your payment method will not be charged a payment amount upfront during the Trial, although authorization requests may be sent to your financial institution to verify that your payment method is valid (such authorization submissions are not requests for charges or fees by EnigmaSoft but, depending upon your payment method and/or your financial institution, may reflect on your account availability). You can cancel your Trial by contacting EnigmaSoft no later than two business days before the 7-day Trial period expires to avoid a charge coming due and being processed immediately after your Trial expires. If you decide to cancel during your Trial, you will immediately lose access to SpyHunter. If, for any reason, you believe a charge was processed that you did not wish to make (which could occur based on system administration, for example), you may also cancel and receive a full refund for the charge any time within 30 days of the date of the purchase charge. See FAQs.

At the end of the Trial, you will be billed upfront immediately at the price and for the subscription period as set forth in the offering materials and registration/purchase page terms (which are incorporated herein by reference; pricing may vary by country or promotion per purchase page details) if you have not timely canceled. Pricing typically starts at $72 for 3 months (SpyHunter Pro Windows) and $42 for 3 months (SpyHunter for Mac). Your purchased subscription will be automatically renewed in accordance with the registration/purchase page terms, which provide for automatic renewals at the then applicable standard subscription fee in effect at the time of your original purchase and for the same subscription time period or as set forth in the promotion materials/purchase page, provided you’re a continuous, uninterrupted subscription user. Please see the purchase page for details. Trial subject to these Terms, your agreement to EULA/TOS, Privacy/Cookie Policy, and Discount Terms. If you wish to uninstall SpyHunter, learn how.

For payment on the automatic renewal of your subscription, an email reminder will be sent to the email address you provided when you registered before each payment date. At the onset of your trial, you will receive an activation code that is limited to use for only one Trial and for only one device per account. Your subscription will automatically renew at the price and for the subscription period in accordance with the offering materials and registration/purchase page terms (which are incorporated herein by reference; pricing may vary by country or promotion per purchase page details), provided that you are a continuous, uninterrupted subscription user. For paid subscription users, if you cancel, you will continue to have access to your product(s) until the end of your paid subscription period. If you wish to receive a refund for your then current subscription period, you must cancel and apply for a refund within 30 days of your most recent purchase, and you will immediately stop receiving full functionality when your refund is processed.

For CALIFORNIA CONSUMERS, please see the notice provisions:

NOTICE TO CALIFORNIA CONSUMERS: Per the California Automatic Renewal Law, you may cancel a subscription as follows:

  1. Go to www.enigmasoftware.com and click the "Login" button at the top right corner.
  2. Log in with your username and password.
  3. In the navigation menu, go to "Order/Licenses." Next to your order/license, a button is available to cancel your subscription if applicable. Note: If you have multiple orders/products, you will need to cancel them on an individual basis.

Should you have any questions or problems, you can contact our EnigmaSoft support team by phone at +1 (888) 360-0646 (USA Toll-Free) / +353 76 680 3523 (Ireland/International) or by email at support@enigmasoftware.com.

How do you cancel a SpyHunter Trial? Users should contact EnigmaSoft Limited directly to cancel a SpyHunter Trial. Users can contact our technical support team by emailing support@enigmasoftware.com, opening a ticket in the SpyHunter HelpDesk, or calling +1 (888) 360-0646 (USA) / +353 76 680 3523 (Ireland/International). You can access the SpyHunter HelpDesk from SpyHunter's main screen. To open a support ticket, click on the "HelpDesk" icon. In the window that appears, click the "New Ticket" tab. Fill out the form and click the "Submit" button. If you are unsure of what "Problem Type" to select, please choose the "General Questions" option. Our support agents will promptly process your request and respond to you.

------

SpyHunter Purchase Details

You also have the choice of subscribing to SpyHunter immediately for full functionality, including malware removal and access to our support department via our HelpDesk, typically starting at $42 for 3 months (SpyHunter Basic Windows) and $42 for 3 months (SpyHunter for Mac) in accordance with the offering materials and registration/purchase page terms (which are incorporated herein by reference; pricing may vary by country or promotion per purchase page details). Your subscription will automatically renew at the then applicable standard subscription fee in effect at the time of your original purchase subscription and for the same subscription time period or as set forth in the promotion materials/purchase page, provided you’re a continuous, uninterrupted subscription user and for which you will receive a notice of upcoming charges before the expiration of your subscription. Purchase of SpyHunter is subject to the terms and conditions on the purchase page, EULA/TOS, Privacy/Cookie Policy and Discount Terms.

------

General Terms

Any purchase for SpyHunter under a discounted price is valid for the offered discounted subscription term. After that, the then applicable standard pricing will apply for automatic renewals and/or future purchases. Pricing is subject to change, although we will notify you in advance of price changes.

All SpyHunter versions are subject to your agreeing to our EULA/TOS, Privacy/Cookie Policy, and Discount Terms. Please also see our FAQs and Threat Assessment Criteria. If you wish to uninstall SpyHunter, learn how.

Spywareremove.com uses cookies to provide you with a better browsing experience and analyze how users navigate and utilize the Site. By using this Site or clicking on "OK", you consent to the use of cookies. Learn more.