Skip to main content

FBI/MoneyPak "Ransomware" is new type/derivative of malware/spyware

Fbi malware

What would you do if a screen like this one -- purporting to be from the FBI (US Federal Bureau of Investigation) -- popped up on your PC screen? It claims that you engaged in some illegal activity and requires that you go to your local electronics store to purchase a MoneyPak card to pay your "fine!" If you are like most people, you'd panic a little bit and wonder what you could have possibly could have done wrong. Then, after a few minutes you would realize that you had been infected by one of the latest, insidious malware systems -- something I call "ransomware."

Ransomware seeks to get you to pay someone to unlock your computer, but really it is just a way to rip you off. NEVER pay anyone anything when you computer is infected by malware. If you use a credit card it will quickly be charged up to its maximum and might even allow for additional identity theft. If you purchased this MoneyPak gift card, as instructed by this malware, you would simply be turning over $100-$200 of cash to the person who infected your machine AND your machine would almost certainly STILL be infected.

If you are faced by malware like this, seek out a reputable computer service tech -- either your own personal contact or one of the major electronics chains like Staples of Best Buy. For a fee, they will unravel the malware and get your computer working again.

I faced this FBI malware for the first time today and it is insidious. It seeks to lock you out of your computer entirely, so removing it is no easy task. You first have to figure our some way of starting the computer without also triggering the malware. In my case, this involved starting up the PC is "Safe Mode with Command Line" by tapping the F8 key on the keyboard immediately after starting the computer. Even the Windows Safe Mode was triggering the virus so my only recourse was to fall back on my ancient knowledge of the DOS command line. I found a few suspicious files and then, after removing them, I was able to boot the PC into Safe Mode with the Windows interface enabled.

This then let me run my favorite malware cleanup tool, Malwarebytes, on the computer to remove any further infections. Malware often travels in packs -- one infection allows another and then another -- so you need to make sure the PC is completely clean before returning it to its user. I also had to re-install Microsoft Security Essentials, the the malware had disabled it. I noticed that both Adobe Flash and Java needed updating on this computer and it is possible that one of these 2 programs/systems was the vector for the infection. It is so important to keep your software updated, including Windows Updates and both of these.

There are lots of great resources on cleaning up this FBI/MoneyPak ransomware and that is where I turned when I needed more information. Especially helpful were these instructions (including manual removal instructions) from

How To Remove The FBI Moneypak Ransomware Virus – Fake FBI Malware Information And Removal Options


Popular posts from this blog

Elsewhere Online: AT&T's Spam Filter Gets A Bit Too Aggressive

This story from TechDirt lays out yet another reason I recommend that folks DON'T use the email provided to them by their ISP. My typical recommendation right now is to get a Gmail account instead. It also points out why I want to manage all my SPAM on my end, without pre-filtering from an ISP. I will gladly manage my spam if it helps to insure that I see as many of my "real" messages as possible. Again, Gmail's tools work pretty good in this regard. Having an alternative email account also insures you will keep the same email, even if you decide to leave your current ISP. Witness all the folks holding onto AOL accounts just to keep their AOL email address. Thank goodness at least that is free now. AT&T's Spam Filter Gets A Bit Too Aggressive You can certainly understand why ISPs offer spam filters. It's a service for users who don't want to be totally bombarded with spam. But what I've never understood is that these ISPs rarely give the user a

On my iPhone…IFTTT (If This Then That) for iOS

IFTTT (If This Then That) for iOS IFTTT (If This Then That) for iOS My best description of IFTTT, both their main web site, and this new iOS app is "a scripting language for the We." It allows you to set up "recipes" that watch one particular service, like Feedly, Evernote, Gmail and more, and then take action on another service whenever a particular action occurs. I use this to automatically save my shared items from Feedly and elsewhere into an Evernote Notebook and also use it to post automatically post information on a variety of services. The iOS app adds to this functionality by allowing you to take various actions on your phone and triggering IFTTT actions whenever they occur. In the case of the iPhone, initiating actions can include adding new contacts to your iPhone, taking a new picture and more.  For more complete information on how IFFTT works, visit    From the iTunes App Store... " Put the internet to work for you. IFTTT lets y

Noted: 6 Ways to Repair Broken Plastic

Read 6 Ways to Repair Broken Plastic via MAKE: Blog An interesting link found among my daily reading