Over the weekend I got a nice little treat from a new client – New RansomWare! The client called me to verify that what he was seeing on his PC was a fake message. I told him yes. The United States Gov does not lock your pc down and demand $200 via MoneyPak to unlock it.
The ransomware was a fake ctfmon.exe (or it was legit and had the ransomware injected into it…I don’t remember). I used the Kaspersky Rescue Disk to detect and remove the ransomeware.
Here are some pictures I took of the RansomWare:
The pic below is what you’ll see when you start windows – A bogus message from “United States Cyber Security”
Now they tell you how to “unblock” the computer and that it’ll cost ya $200 via MoneyPak.
Oh look! They’re even nice enough to tell ya where you can buy MoneyPaks.
Once you’ve bought your Moneypak you enter the code in below and wait 1 – 24 hours.