PC technician calls computer virus 'the worst' he's seen

Photo courtesy of TheTechnologyCenter.com
The Homeland Security Virus — a class of malware that restricts access to the computer system that it infects, and demands a ransom paid to the creator — turned up on a computer its owner dropped off at a Bonita Springs computer repair shop. The shop owner shows us how the virus works and how computer users can avoid them. The virus takes photos of users while they’re in front of the computer, so it’s a bit more intimidating compared to your average virus.

In his more than 20 years of fixing PCs, John Phelan has dealt with hundreds of computer viruses.

“But this is the worst,” he said of the one he saw for the first time Thursday.

He was surprised when a frantic mother brought in a laptop that had been “blocked,” seemingly by the U.S. Department of Homeland Security, supposedly for illegal activity, or cybercrime, done by users of the family computer.

A commanding voice on the computer said, “Your PC is blocked. To unblock the computer, you must pay a fine of $300 through MoneyPak.”

The bogus reasons given for the department purportedly taking the computer hostage are using, distributing or sharing child pornography, copyrighted files, or unlicensed software. The fraudulent claims are all part of the so-called “ransomware” virus that seeks money from its unsuspecting victims.

“This is not good,” Phelan said. “I’m sure it must scare the bejesus out of people.”

What made the virus particularly alarming is that the pop-up screen for the scam included a picture of the customer’s son in the right hand corner, unknowingly shot by the PC’s built-in camera, and it listed the city and state he lived in, the IP address and other details about the home computer, including the name of the operating system, Phelan said.

“It kind of makes the public aware that there are people watching and listening to you at any time,” he said.

The pop-up screen shows the logos of other agencies, including the U.S. Department of Treasury, the Global Illicit Financial Team and the U.S. Department of Justice, making it look even more official.

Victims of the scam are told they have 48 hours to pay the fine, or they will “become the subject of criminal prosecution without the right to pay the fine.”

“The Department for the Fight Against Cyberactivity will confiscate your computer and take you to court,” the screen warns.

The screen tells users that all their files, videos, photos and documents will be deleted if they attempt to unlock their own computers, which will lead to the “full formatting of the operating system.”

Victims are given three steps to pay their fine online: Take cash to the store to buy a MoneyPak, purchase the MoneyPak, then enter the code from the MoneyPak on the computer.

A handful of retailers are listed, including Wal-Mart, Kmart, 7-Eleven and CVS, where MoneyPak cards can be purchased. The prepaid cards are used like debit or credit cards, but they’re not linked to bank accounts.

The debilitating virus can get on the computer in several ways, from spam email to questionable websites. Anti-virus software, such as Norton, can help protect computers, Phelan said.

This type of virus isn’t new. It’s similar to one known as the FBI virus, which has been around for a few years.

Lt. Chad Parker, with the Collier County Sheriff’s Financial Crimes Bureau, said one victim brought in his laptop to show detectives what it looked like and it looked authentic, like it could have come from the FBI.

“I don’t know if we’ve had anyone fall victim to it, as far as anyone providing the money,” he said. “We had two cases of it, and that was probably four or five months ago.”

He recommends victims seek the help of professionals in removing the virus to ensure it’s gone and doesn’t continue running behind the scenes.

He described the virus as the “screen of death.”

“Nothing else is going to operate until you get that virus removed,” he said.

Removing the Homeland Security virus on Thursday took Phelan a few hours, costing the customer about $130. It’s the first time he’s seen a virus that involved taking a user’s picture.

“It’s a much more involved virus now,” he said. “It’s really morphed into this. The shocking thing is that it’s just going to get worse.”

© 2013 marconews.com. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.


Comments » 2

LadueVGilleo writes:

If you are unfortunate enough to get hit with this virus, immediately power off your computer; do NOT try to close the window by clicking on the "X" in the upper right hand corner of the window. Clicking on the "X" saves the virus to your computer, and you are in deep do-do.

RayPray writes:

“But this is the worst,” John Phelan said

No, these ransom-ware viruses have been around for a while, good income for 'computer professionals' but routine to fix.

Here is one way:

https://www.youtube.com/watch?v=MJVRe...

What is the worst is the new malware that encrypts all your files, including those not on C: drive, then sends the unlock key back to the culprit in Russia.

https://www.youtube.com/watch?v=CgC5u...
