Computers being held to ransom by fake antivirus


A new and more aggressive way for criminals to make cash from fake antivirus has emerged.

It involves malware hijacking a user's computer until victims pay up or reformat the system.

Previously, the victim would be sent a series of warnings to buy a paid version of the fake antivirus, but security firm Panda warned that this was now being combined with ransomware.

An infected computer is unable to run a program or open a document, and only responds with a message that all files were infected and the only solution is to buy the fake antivirus.

The fake antivirus would be offered for around 75, with users paying the ransom' receiving a serial number to type into the application.

Once this data is entered, all the information held hostage would be released, although the fake antivirus will remain on the system.

"Users are often infected unknowingly, in most cases, through visiting hacked websites, and once a computer is infected it is extremely difficult to eliminate the threat, even for those with a certain degree of technical knowledge," said Luis Corrons, technical director of PandaLabs, in a statement.

"Users are also prevented from using an type of detection or disinfection tool, as all programs are blocked. The only application that can be used is the internet browser, conveniently allowing the victim to pay for the fake antivirus," he added.