DHS-Themed Ransomware, Again

Friday, August 2, 2013 @ 05:08 PM gHale


This isn’t the first time, but US-CERT has received reports of increased activity involving DHS-themed ransomware infections, according to a US-CERT report.

Targeted users receive a message claiming “use of their computer has been suspended” and that the victim must pay a fine to unblock it. One iteration of this malware also uses the webcam (if available) to take a photo or video of the recipient and posts it in a pop-up to add to the appearance of legitimacy.

The ransomware falsely claims to be from the U.S. Department of Homeland Security and the National Cyber Security Division.

Users who end up infected with the malware should consult with a security expert to assist in removing the malware, or perform a clean reinstallation of their OS after formatting their computer’s hard drive.

US-CERT and DHS encourage users and administrators not to pay the perpetrators and to report the incident to the FBI at the Internet Crime Complaint Center (IC3).

Users should use caution when encountering these types of email messages and take the following preventive measures to protect themselves from phishing scams and malware campaigns that attempt to frighten and deceive a recipient for the purpose of illegal gain:
• Do not click on or submit any information to webpages.
• Do not follow unsolicited web links in email messages.
• Use caution when opening email attachments. Refer to the Security Tip “Using Caution with Email Attachments” for more information on safely handling email attachments.
• Maintain up-to-date antivirus software.
• Infected users should change all passwords after removing the malware from their system.
• Refer to the “Recognizing and Avoiding Email Scams” document for more information on avoiding email scams.
• Refer to the Security Tip “Avoiding Social Engineering and Phishing Attacks” for more information on these forms of attacks.


