FANDOM


FBI-Moneypak-Virus

A version of the lock screen.

FBI Moneypak is a ransomware on Microsoft Windows much like Cryptolocker. It is part of the Reveton family.

Moneypak is very similar to a credit card, however, it has a pre-loaded amount of money that the user can use to buy things and purchase online.

Despite claiming to be from the FBI, it is in fact a scam and not run by the FBI.

In 2012, the FBI published advice relating to the FBI MoneyPak virus.

Payload

Transmission

FBI Moneypak is typically installed onto a computer when the user visits a hacked web site that contains malicious scripts that exploit vulnerabilities on the computer to install the FBI Ransomware without their knowledge or permission.

Infection

Once installed, the FBI Ransomware will be configured to start automatically when you login to Windows. If FBI Moneypak infiltrates the user's computer, it denies their access instantly. Suffering from a locked PC denotes that the trojan has already altered the user's registry. This ransomware also drops harmful files onto the user's hard drive.

Once started, it displays a large alert that pretends to be from the FBI and states that the user's computer has been blocked due to it being involved with the distribution of pornographic material, SPAM, or copyrighted content. In order to access their Windows desktop and their applications they must first pay a fine of $100 in the form of a MoneyPak.

Once the malware developers receive the ransom they will then unlock your computer within 1 to 48 hours. To make the alert seem more authentic, the malware also has the ability to access your installed webcam so that the alert shows what is happening in the room.

The text of this ransom note is:

The FBI
Federal Bureau of Investigation


ATTENTION!
IP: xxx.xxx.xxx
Location: Your Country Here
IPS: Your ISP Here


Your PC is blocked due to at least one of the reasons specified below.


You have been violation Copyright and Related Rights Law (Video, Music, Software) and illegally 
using or distributing copyrighted content, thus infringing Article I, Section 8, Clause 8, also known as 
the Copyright of the Criminal Code of United States of America.


Article I, Section 8, Clause 8 of the Criminal Code provides for a fine of two to five hundred minimal 
wages or a deprivation of liberty for two to eight years.


You have been viewing or distributing prohibited Pornographic content (Child Porno, Zoofilia and 
etc). Thus violating article 202 of the Criminal Code of United States of America. Article 202 of the 
Criminal Code provides for a deprivation of liberty for four to twelve years.


Illegal access has been initiated from your PC without your knowledge or consent, your PC may be 
infected by malware, thus you are violating the law of Neglectful Use of Personal Computer. Article 
210 of the Criminal Code provides for a fine of up to $100,000 and/or a deprivation of liberty for four 
to nine years.


Pursuant to the amendment to the Criminal Code of United States of America of May 28, 2011, this 
law infringement (if it is not repeated - first time) may be considered as conditional in case you pay 
the fine to the State.


Fines may be paid within 72 hours after the infringement. As soon as 72 hours elapse, the possibility 
to pay the fine expires, and a criminal case is initiated against you automatically within the next 72 
hours!


To unblock the computer, you must pay the fine through MoneyPak of 100$.
FBI Moneypak Virus removal without using safe mode - best method

FBI Moneypak Virus removal without using safe mode - best method.

Community content is available under CC-BY-SA unless otherwise noted.