Back to Courier Columns Page

by Ray Carlson

Q: You once told about a scam in which people got a message from the FBI demanding payment of a fine to regain control of their computer. I just received a government message saying my computer was hijacked, but, instead of asking for money, this message tells how to get rid of the virus. Is this a scam?

A: Government agencies in several countries recently took control of two hacker networks that had infected millions of computers. The information seized allowed the government agencies to identify infected computers. Now, they are trying to notify the owners so the owners can remove the malware before another hacker network can retake control of the infected computers. If you received such a message, you should follow the suggestions in the message.

The first target was a network that used malware called Gameover Zeus. Once installed on a person's computer, the malware sent its controllers information related to bank websites and sent out spam messages. The network responsible for this malware sold access of some of the infected computers to other criminal networks. The second seized network used malware called "CryptoLocker" to kidnap drives and encrypt entire computers. Typically, they offered to provide the decryption key for a price. A team of international law enforcement agencies and security specialists managed to identify and take over these networks, and the FBI charged the Russian leader.

Several anti-virus companies developed programs to scan for this malware. It is probably worthwhile for everyone to make sure they never received these programs. The government listed several scanning programs on this website.

One of the frequently recommended programs developed a specific scan for this malware. Find it here.

On this last page, select scan now. The scanning program will be downloaded. Click on the downloaded program to conduct the scan. If it locates a virus, it will offer to remove it. Once the scan and removal are completed, you can close the program and ignore offers of additional software.

Published: Courier 6/15/14 - Page 2D