Chinese Ransomware That Changes Windows Login Credentials


I agree with Jose. Ransomware is a rather insidious form of malware. There are some new variants of the old bogus FBI warning ransomware that are using Green Dot MoneyPak cards as a form of payment and that either lock up your whole computer by changing or adding the Windows login credentials or, in some variants, target & lock up your browser(s) only by exploiting Flash vulnerabilities, thus disabling all internet access. The big problem with this type of malware is that even if you capitulate and pay the ransom, that does not deactivate the virus in most cases, and you're still stuck with a useless computer or browser until the virus is removed or you reformat your OS (worst case scenario).


I've personally never been the victim of ransomware either, Zurchiboy, and I'd like to keep it that way too, lol! This type of infection is on the rise recently, I'm sorry to say, as new variations are being developed & released.


The easiest way to encounter ransomware is using "risky internet browsing habits" such as visiting questionable web sites and clicking on links at such sites. Then you're redirected to the bad guy's server and the virus is downloaded to your system. Using compromised porn, peer to peer file sharing and illegal crack, keygen sites are just a few examples of risky browsing. Sometimes hackers can gain access to legit sites that have security vulnerabilities and plant their malicious links that way too but, thankfully, that doesn't happen as often. So the bottom line is be careful what sites you visit and what links you click on. Using a little "common sense" can go a long way at keeping your system malware free!


Another nasty aspect about this type of infection is that a lot of variants can disable your currently installed anti-virus software too, which makes it difficult to remove except by experts. It will also prevent you from installing any new anti-malware software. That's where I'd love to see Immunet develop a portable anti-malware package that can be run from a USB stick. Something like Emsisoft has done with their free Emergency Kit 4.0, which works quite well at removing ransomware. Using Malwarebytes in Safe Mode has proven to be useful for this type of virus too.


I use Windows 7 Ultimate, which gives you the option to burn a bootable Rescue Disk to CD. That's something I've done some time ago just in case it's needed. I actually had to use it once when I encountered some "serious problems" trying to install Service Pack 1 for Windows 7. A rescue disk is great at fixing corrupted OS files, but one problem with using some rescue disks is that you can lose data that's on the same drive as your OS that's not backed up or partitioned separately, such as photos, videos, music, documents, etc...


Cheers, Ritchie...

