Shocked! That’s how Boise resident Bill Allen says he felt when he opened up his computer and discovered that it had been taken over by the FBI.
“You can’t imagine what it was like to see this full-screen view stating that I violated the criminal code,” Allen says. “It claimed that I had violated copyright laws, dealt with pornography, and contracted malware.”
Allen was so convinced the Federal Bureau of Investigation had taken over his computer on a late Friday afternoon that he stewed about what to do all weekend.
After the initial shock diminished, he says he felt puzzled as to why the FBI would demand he pay a $200 fine within 72 hours to unfreeze his computer. “Fines may only be paid within 72 hours after then infringement. As soon as 72 hours elapse, the possibility to pay the fine expires, and a criminal case is initiated against you automatically within the next 72 hours!”
Allen was among a handful of victims of this latest FBI Moneypak virus malware that has moved into the Treasure Valley. Designated by the FBI as the Reveton – because unlike many viruses that activate when users open a file or attachment – this one can install itself when users simply click on a compromised website.
This virus is traced to links on several different websites – both text and video sites. The virus is automatically transferred to the computer without the user’s knowledge.
Reveton freezes your computer and stops it in its tracks. And the average user will not be able to easily remove the malware, Donna Gregory of the Internet Crime Complaint Center says. Some virus elements can be overridden, but experts say it will reappear each time the computer is rebooted.
There are a couple of statements made in the fake FBI letter that sound official – citation of legal articles, the titles of some laws, and the official website to the Federal Bureau of Investigation.
“It looks so official with all the symbols and website address material,” Allen says.
The computer user is urged to go to a retail outlet and use Moneypak Green Dot, an upfront payment system. Transfer that number to the system and then it allegedly goes away. It doesn’t really, it just lies in wait.
FBI says this latest malware version is in conjunction with “Citadel malware”, a software delivery that first came to the bureau’s attention in 2011. The FBI issued a warning in May, and it has since expanded across the country.
“Some people have actually paid the so-called fine,” Gregory says.
If this screen appears, follow these tips:
• Do not pay any money or provide any personal information.
• Contact a computer professional to remove Reveton and Citadel from your computer.
• Be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background.
More information can be found at the BBB.org or the FBI’s IC3 website.
Robb Hicken is the media contact for the BBB serving Snake River Region. Reach him at 947-2115 or rhicken@boise.bbb.org.
