DHS Ransomware Making Rounds

Thursday, March 21, 2013 @ 02:03 PM gHale

Ransomware is going out informing victims the Department of Homeland Security (DHS) has “suspended” their devices, according to a report from US-CERT.

The ploy could end up being pretty effective since DHS is such a huge entity in the cyber attack scene. Ransomware helps cybercriminals make millions of dollars each year, so this is just one more way to improve their offerings and changing tactics to ensure the success of their campaigns.

European Trojan Locks Up Systems
Ransomware Leverages Windows PowerShell
Trojan a Work of ‘Poetry’
Ransomware Encrypts Data

In this case, victims get an email message, apparently coming from the DHS’s National Cyber Security Division, which reads, “the work of your computer has been suspended on the grounds of the violation of the law of the United States of America.”

Victims then learn if they pay a fine of $300 they can have their computers unlocked.

Based on US-CERT’s report, it is not entirely clear where the malicious attack occurs.

Users should just avoid clicking on links contained in suspicious emails. They also should not provide any information or money to the attackers.

US-CERT and DHS encourage users and administrators to use caution when encountering these types of email messages and take the following preventive measures to protect themselves from phishing scams and malware campaigns that attempt to frighten and deceive a recipient for the purpose of illegal gain:
• Do not click on or submit any information to web pages.
• Do not follow unsolicited web links in email messages.
• Use caution when opening email attachments.
• Maintain up-to-date antivirus software.

Leave a Reply

You must be logged in to post a comment.