Computers being held to ransom by fake antivirus
A new threat demands that victims pay up for fake antivirus, or they don’t get their computer back.
A new and more aggressive way for criminals to make cash from fake antivirus has emerged.
It involves malware hijacking a user's computer until victims pay up or reformat the system.
Previously, the victim would be sent a series of warnings to buy a paid version of the fake antivirus, but security firm Panda warned that this was now being combined with ransomware.
An infected computer is unable to run a program or open a document, and only responds with a message that all files were infected and the only solution is to buy the fake antivirus.
The fake antivirus would be offered for around 75, with users paying the ransom' receiving a serial number to type into the application.
Once this data is entered, all the information held hostage would be released, although the fake antivirus will remain on the system.
"Users are often infected unknowingly, in most cases, through visiting hacked websites, and once a computer is infected it is extremely difficult to eliminate the threat, even for those with a certain degree of technical knowledge," said Luis Corrons, technical director of PandaLabs, in a statement.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
"Users are also prevented from using an type of detection or disinfection tool, as all programs are blocked. The only application that can be used is the internet browser, conveniently allowing the victim to pay for the fake antivirus," he added.
-
AWS hits back at EU cloud 'gatekeeper' designation hintsNews Gatekeeper designation under the legislation would force AWS and Microsoft to make concessions
-
Is the Top500 meaningless? Not so, says US national laboratory CTOIn-depth LINPACK may measure only one process, but there are real and meaningful use cases for exascale systems
-
Ransomware cartels are fragmenting into volatile splinter groups, warns Met Police cyber chiefNews Commoditized "cyber crime bazaars" and AI data mining are forcing law enforcement to rewrite its playbook
-
New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacksNews NTT researchers warn that the RaaS group is leveraging SystemBC malware to establish covert tunnelling, evade detection, and support rapid lateral movement across enterprise environments
-
Instructure chose to a pay ransom following the Canvas cyber attack – research shows more than half of security leaders would follow suitAnalysis Opting to pay ransoms creates huge risks for enterprises – you’re relying on the word of criminals
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitationNews A dip in ransomware volumes points to a more targeted approach focused on vulnerability exploitation
-
Security leaders overconfident about ransomware recoveryNews Few manage to recover all their data, and many experience business disruption
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
-
The rise of teen hackers ‘makes for a good headline’, but cyber crime activities peak later in lifeNews With family responsibilities and mortgages to pay, it's not teenagers dishing out malware or carrying out cyber extortion