Staying safe on the Internet is a never-ending battle as there has been an increase in reports about a new online threat called the Reveton virus. Also known as the FBI Moneypak virus, a screen displays with a message that looks as if it was sent from the FBI (or possibly another law enforcement agency). The message on the screen uses scare tactics to make the user believe that he/she has performed some type of illegal action, such as a copyright violation, and that he/she must pay a fee to release the computer from a “lockdown” state. Of course paying the money doesn’t remove the “lockdown” or the malware from the computer. A user most likely gets this infection by visiting a malicious website and/or visiting an infected website that performs a “drive-by download” usually happening without interaction from the user.
Certain precautions can always be taken to ward off malware like Reveton and other malicious activity that may result on your computer. Always run current and updated malware and anti-virus software. You should also be cautious when downloading files from the Internet ensuring that they come from reputable sources. And, keep an eye out for email attachments with file extensions .exe, .vbs, .bat, and .pif, to name a few, as these are commonly used to hide and transmit viruses and worms.
For those that have been infected with the virus, the FBI has issued the following guidelines that can be followed to manage the infection:
- Do not pay any money or provide any personal information.
- Contact a computer professional to remove Reveton and Citadel from your computer.
- Be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background. Certain types of malware have been known to capture personal information such as user names, passwords, and credit card numbers through embedded keystroke logging programs.
- File a complaint and look for updates about the Reveton virus on the IC3 website.
For additional information on Reveton, you can check out the FBI’s website here.
AUG