31 May 2012

Citadel Malware Steals Money Through Reveton Ransomware

A new Citadel malware platform steals money by luring people to a drive-by download website, according to a recent Internet Crime Complaint Center report. Once Reveton ransomware is installed, it freezes the computer. A screen then warns users they have violated United States law.

The message further alleges the IP address was identified by the Computer Crime & Intellectual Property Section as visiting child pornography and other illegal content. To unlock their computer, people are instructed to pay a $100 fine to the US Department of Justice, using prepaid money card services.

In addition to the ransomware, the Citadel malware remains on the compromised computer and can be used for credit card schemes.

“This is an attempt to extort money with the additional possibility of the victim’s computer being used to participate in online bank fraud,” said Internet Crime Complaint Center representatives. “If you have received this or something similar do not follow payment instructions.”

According to authorities, cyber crooks determine which payment services to offer according to the geographic location of the IP address.

The Internet Crime Complaint Center is a partnership between the FBI and the National White Collar Crime Center that receives online-related criminal complaints.