Skip to main content

FBI/MoneyPak "Ransomware" is new type/derivative of malware/spyware

Fbi malware

What would you do if a screen like this one -- purporting to be from the FBI (US Federal Bureau of Investigation) -- popped up on your PC screen? It claims that you engaged in some illegal activity and requires that you go to your local electronics store to purchase a MoneyPak card to pay your "fine!" If you are like most people, you'd panic a little bit and wonder what you could have possibly could have done wrong. Then, after a few minutes you would realize that you had been infected by one of the latest, insidious malware systems -- something I call "ransomware."

Ransomware seeks to get you to pay someone to unlock your computer, but really it is just a way to rip you off. NEVER pay anyone anything when you computer is infected by malware. If you use a credit card it will quickly be charged up to its maximum and might even allow for additional identity theft. If you purchased this MoneyPak gift card, as instructed by this malware, you would simply be turning over $100-$200 of cash to the person who infected your machine AND your machine would almost certainly STILL be infected.

If you are faced by malware like this, seek out a reputable computer service tech -- either your own personal contact or one of the major electronics chains like Staples of Best Buy. For a fee, they will unravel the malware and get your computer working again.

I faced this FBI malware for the first time today and it is insidious. It seeks to lock you out of your computer entirely, so removing it is no easy task. You first have to figure our some way of starting the computer without also triggering the malware. In my case, this involved starting up the PC is "Safe Mode with Command Line" by tapping the F8 key on the keyboard immediately after starting the computer. Even the Windows Safe Mode was triggering the virus so my only recourse was to fall back on my ancient knowledge of the DOS command line. I found a few suspicious files and then, after removing them, I was able to boot the PC into Safe Mode with the Windows interface enabled.

This then let me run my favorite malware cleanup tool, Malwarebytes, on the computer to remove any further infections. Malware often travels in packs -- one infection allows another and then another -- so you need to make sure the PC is completely clean before returning it to its user. I also had to re-install Microsoft Security Essentials, the the malware had disabled it. I noticed that both Adobe Flash and Java needed updating on this computer and it is possible that one of these 2 programs/systems was the vector for the infection. It is so important to keep your software updated, including Windows Updates and both of these.

There are lots of great resources on cleaning up this FBI/MoneyPak ransomware and that is where I turned when I needed more information. Especially helpful were these instructions (including manual removal instructions) from

How To Remove The FBI Moneypak Ransomware Virus – Fake FBI Malware Information And Removal Options


Popular posts from this blog

Onion Pi makes your web traffic anonymous via Open Electronics

Hmmm, might be an easy (and relatively cheap) way to play around with Tor and learn a bit more about this anonymizing service. -- Douglas Adafruit’s Onion Pi is a Tor proxy that makes your web traffic anonymous, allowing you to use the internet free of snoopers and any kind of surveillance. Follow Adafruit’s tutorial on setting up Onion Pi and you’re on your way to a peaceful anonymous browsing experience. Tor is an onion routing service – every internet packet goes through 3 layers of relays before going to your destination. This makes it much harder for the server you are accessing (or anyone snooping on your Internet use) to figure out who you are and where you are coming from. Read Onion Pi makes your web traffic anonymous via Open Electronics * A portion of each sale from directly supports our blogs ** Many of these books may be available from your local library. Check it out! An interesting link found among my daily reading

How to Build a Raspberry Pi-Powered Digital Photo Frame via Tom's Hardware

A digital photo frame is a small screen that can sit on your desk in your office or in your kitchen displaying your favorite pictures, changing at regular intervals. The first commercial digital photo frame was introduced in the 1990s shortly after the digital camera. Digital photo frames made a comeback in popularity during 2020, perhaps because people were staying at home more. In this tutorial, we’ll turn our Raspberry Pi into a digital photo frame using MagicMirror and the GooglePhotos module. Please note, we will skip installation of the 2-way mirror in the original Magic Mirror project. Consider this project, “Magic Mirror, without the mirror.” Read How to Build a Raspberry Pi-Powered Digital Photo Frame via Tom's Hardware An interesting link found among my daily reading

On my Mac/Windows PC…Disk Inventory X/WinDirStat

Disk Inventory X | WinDirStat   There comes a time in every computer user's life when they need to figure out why their hard drive is out of space and Disk Inventory X and WinDirStat are a great help. Their operation is pretty straightforward. Look at the hard drive directory and see what is taking up the most space. Then allow the user to prune, backup or other remove these files to free up some space. Simple, effective and very, very useful when you need it. Free Previously in On My Mac... iMovie Tweetdeck Celtx Scriptwriting Software LogMeIn Kindle Reader MarsEdit Blog Editor Cyberduck Minecraft Dropbox Garageband MPEG Streamclip Google Chrome Evernote On My Mac/Windows PC is an on-going series highlighting the software (and sometimes, hardware) I use on my Mac nearly every day. Look for additional On My Mac…posts in the coming weeks! -- Douglas