Jump to content

Main menu Navigation ●Main page ●Contents ●Current events ●Random article ●About Wikipedia ●Contact us ●Donate Contribute ●Help ●Learn to edit ●Community portal ●Recent changes ●Upload file

●Create account ●Log in ●Create account ● Log in Pages for logged out editors learn more ●Contributions ●Talk

(Top) 1 Operation 2 Reaction 3 References

FBI MoneyPak Ransomware

●Español ●Português Edit links ●Article ●Talk ●Read ●Edit ●View history Tools Actions ●Read ●Edit ●View history General ●What links here ●Related changes ●Upload file ●Special pages ●Permanent link ●Page information ●Cite this page ●Get shortened URL ●Download QR code ●Wikidata item Print/export ●Download as PDF ●Printable version Appearance From Wikipedia, the free encyclopedia

FBI Ransomware
Technical name	Reveton Ransomware

FBI logo used in the ransomware

Classification	Ransomware
Origin	United Kingdom
Technical details
Written in	English

The FBI MoneyPak Ransomware, also known as Reveton Ransomware, is a type of ransomware malware. It starts by purporting to be from a national police agency (like the American Federal Bureau of Investigation) and that they have locked the computer or smart phone due to "illegal activities" and demands a ransom payment via GreenDot MoneyPak cards in order to release the device.^[1]^{[self-published source?]}^[2]

Operation

[edit]

The FBI ransomware starts often by being downloaded accidentally or visiting a corrupt website and running an application with a modified JavaScript code.^[3] The virus starts with a splash screen that contains the FBI's official logo with a warning that the computer has been locked.^[1] Depending on the version, the reason given is mainly either because of alleged copyright violations and/or because of purported child pornography offences.^[4] Sometimes other crimes, such as terrorism and gambling are included.^[5] It will also show the supposed IP address and sometimes a still from the user's webcam. The virus then demands between $100 and $400 paid via pre-paid MoneyPak cards in order to release the computer.^[1] If the payment is not made, then it alleges it will open a criminal investigation into the owner.^[1] The virus creates an iframe loop which prevents the user exiting the browser or website.^[3] The virus will be installed on the infected device so it still requires removal from the device.^[6]

Reaction

[edit]

In 2012, the FBI published advice relating to the FBI MoneyPak virus, telling people not to pay the ransom as it was not from the official FBI and confirmed it was not the real FBI who had locked the computers.^[7] They also stated that users should go through authorized PC security firms to remove the ransomware or inform the IC3 – Internet Crime Complaint Center. In 2018, the FBI announced that working with the United Kingdom's National Crime Agency (NCA), they had arrested a number of people distributing the malware in the United States and that the NCA had arrested the creator of the virus in the United Kingdom.^[7]

Some people had been fooled into thinking that the virus was a legitimate warning from the FBI. One man complained about the FBI blocking his phone for child pornography which was attributed to the virus; however, he had admitted that he did have child pornography and was arrested by the police.^[8]

References

[edit]

^ ^a ^b ^c ^d "Hand-to-hand combat with the insidious 'FBI MoneyPak ransomware virus'". Forbes. Retrieved 4 January 2019.

^ "Reveton ransomware". FBI. 10 August 2012. Retrieved 1 April 2019.

^ ^a ^b "FBI MoneyPak ransomware". Government of New Jersey. 5 July 2016. Retrieved 4 January 2019.

^ "New Internet scam". FBI. 9 August 2012. Retrieved 4 January 2019.

^ "Ransomware Abettor Sentenced — FBI".

^ "Remove the FBI MoneyPak ransomware or the Reveton trojan". bleepingcomputer.com. 5 July 2012. Retrieved 4 January 2019.

^ ^a ^b "Ransomware abettor sentenced". FBI. 6 December 2018. Retrieved 4 January 2019.

^ "Man gets fake FBI child porn alert, arrested for child porn". CNET. 26 July 2013. Retrieved 4 January 2019.

Hacking in the 2010s

← 2000s

Timeline

2020s →

Major incidents

2010	Operation Aurora (publication of 2009 events) Australian cyberattacks Operation Olympic Games Operation ShadowNet Operation Payback
2011	Canadian government DigiNotar DNSChanger HBGary Federal Operation AntiSec PlayStation network outage RSA SecurID compromise
2012	LinkedIn hack Stratfor email leak Operation High Roller
2013	South Korea cyberattack Snapchat hack Cyberterrorism attack of June 25 2013 Yahoo! data breach Singapore cyberattacks
2014	Anthem medical data breach Operation Tovar 2014 celebrity nude photo leak 2014 JPMorgan Chase data breach 2014 Sony Pictures hack Russian hacker password theft 2014 Yahoo! data breach
2015	Office of Personnel Management data breach Hacking Team Ashley Madison data breach VTech data breach Ukrainian Power Grid Cyberattack SWIFT banking hack
2016	Bangladesh Bank robbery Hollywood Presbyterian Medical Center ransomware incident Commission on Elections data breach Democratic National Committee cyber attacks Vietnam Airport Hacks DCCC cyber attacks Indian Bank data breaches Surkov leaks Dyn cyberattack Russian interference in the 2016 U.S. elections 2016 Bitfinex hack
2017	SHAttered 2017 Macron e-mail leaks WannaCry ransomware attack Westminster data breach Petya and NotPetya 2017 Ukraine ransomware attacks Vault7 data breach Equifax data breach Deloitte breach Disqus breach
2018	Trustico Atlanta cyberattack SingHealth data breach
2019	Sri Lanka cyberattack Baltimore ransomware attack Bulgarian revenue agency hack WhatsApp snooping scandal Jeff Bezos phone hacking incident

Hacktivism

Advanced
persistent threats

Individuals

Major vulnerabilities
publicly disclosed

Evercookie (2010)
iSeeYou (2013)
Heartbleed (2014)
Shellshock (2014)
POODLE (2014)
Rootpipe (2014)
Row hammer (2014)
SS7 vulnerabilities (2014)
WinShock (2014)
JASBUG (2015)
Stagefright (2015)
DROWN (2016)
Badlock (2016)
Dirty COW (2016)
Cloudbleed (2017)
Broadcom Wi-Fi (2017)
EternalBlue (2017)
DoublePulsar (2017)
Silent Bob is Silent (2017)
KRACK (2017)
ROCA vulnerability (2017)
BlueBorne (2017)
Meltdown (2018)
Spectre (2018)
EFAIL (2018)
Exactis (2018)
Speculative Store Bypass (2018)
Lazy FP state restore (2018)
TLBleed (2018)
SigSpoof (2018)
Foreshadow (2018)
Dragonblood (2019)
Microarchitectural Data Sampling (2019)
BlueKeep (2019)
Kr00k (2019)

Malware

2010	Bad Rabbit Black Energy 2 SpyEye Stuxnet
2011	Coreflood Alureon Duqu Kelihos Metulji botnet Stars
2012	Carna Dexter FBI Flame Mahdi Red October Shamoon
2013	CryptoLocker DarkSeoul
2014	Brambul Black Energy 3 Carbanak Careto DarkHotel Duqu 2.0 FinFisher Gameover ZeuS Regin
2015	Dridex Hidden Tear Rombertik TeslaCrypt
2016	Hitler Jigsaw KeRanger Necurs MEMZ Mirai Pegasus Petya and NotPetya X-Agent
2017	BrickerBot Kirk LogicLocker Rensenware Triton WannaCry XafeCopy
2018	VPNFilter
2019	Grum Joanap NetTraveler R2D2 Tinba Titanium ZeroAccess botnet

Retrieved from "https://en.wikipedia.org/w/index.php?title=FBI_MoneyPak_Ransomware&oldid=1222847606" Categories: ●Ransomware ●Federal Bureau of Investigation ●2012 in computing Hidden categories: ●Articles with short description ●Short description matches Wikidata ●All articles with self-published sources ●Articles with self-published sources from April 2019 ●This page was last edited on 8 May 2024, at 08:00 (UTC). ●Text is available under the Creative Commons Attribution-ShareAlike License 4.0; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization. ●Privacy policy ●About Wikipedia ●Disclaimers ●Contact Wikipedia ●Code of Conduct ●Developers ●Statistics ●Cookie statement ●Mobile view