FBI Virus Scam

Help and Support for Black Opal
User avatar

Topic Author
UltimateCat3
Forum Member
Forum Member
Posts: 1060
Joined: Tue Dec 13, 2011 7:42 am
Operating System: Oz Unity BlackOpal32
Location: OZ

FBI Virus Scam

Postby UltimateCat3 » Sun Aug 18, 2013 9:26 am

Hi everyone:

At first I thought this FBI Virus was a joke but I found out that it is not.
At least it's not with Windows.
I couldn't find anyone that is running Linux that got this virus on their system. However I didn't go through all the Google searches either:-

I clicked on a picture and the next thing I know my browser was locked and got this message.
Your Browser Has Been Locked: Mozilla Firefox


Than a page opened that looked like a ligit FBI webpage with a message about being put in prison and having to pay a fee-
Paying a fee seemed ridiculous that's how I knew it was a scam (or at least had my suspicioutions)

I opened the terminal and ran the sudo shutdown -h now cmd because I couldn't close the browswer at all.
Upon restarting the browser it was locked again with all the same stuff said as above.

I ran Bleachbit and restarted my browser. It is ok now.
I also ran Clam TK and no threats were found.

With Windows I read online that this is a real problem and the only way to get rid of it is to be in safe mode and delete that file.

Has this happened to anyone running Black Opal?
Laptop: Sony Vaio
Intel i5 6GB RAM 1GB Radeon Turbo Boost
64-Bit architecture
CentOS

Gaming PC
MSI z87GD65 i7 Intel
MSI R7850 Twin Frozer 2GB GDDR5 Radeon
Triple Boot
Black Opal 64, Elementary OS & Linux Mint
Image

http://sites.google.com/site/ruledbytheheartart

"If it ain't broke don't fix it; it you can't fix it don't break it; you reap what you tweak"

User avatar

ryanvade
Forum Moderator
Forum Moderator
Posts: 2107
Joined: Wed May 09, 2012 12:23 pm
Operating System: Other Linux
Location: near St.Louis, Missouri USA
Age: 20

Re: FBI Virus Scam

Postby ryanvade » Sun Aug 18, 2013 10:40 am

I have never gotten a virus on Linux. It sounds more like a hole in Firefox than a virus for Linux. A virus requires some type of permission, especially Admin/Root permission to activate. This seems more like a redirect for Firefox. Certainly an issue though.


***EDIT:

Confirmed this to be a type of malware that forces certain browsers to be redirected to the scam site. Not a virus...Just as annoying though.
http://en.wikipedia.org/wiki/Ransomware_(malware)

Running Bleachbit removes all of FireFox's Cache, settings, and such removing the damage. Still surprised that Firefox has this issue.
Image

Laptop: HP dv6t-7000 CTO Desktop: Compaq Presario SR21632wm
i5 2450m Pentium D 960 @ 4 GHz
6 GB ram 2 GB ram
Intel HD 3000 Graphics / Nvidia GT 630M Nvidia GT 520 @ 820 MHz
Diamond II-B KDE 3.11 /Windows 7 Home Premium KDE | Windows 7 Starter/ Diamond II-B KDE 3.10.10-ck1



User avatar

ryanvade
Forum Moderator
Forum Moderator
Posts: 2107
Joined: Wed May 09, 2012 12:23 pm
Operating System: Other Linux
Location: near St.Louis, Missouri USA
Age: 20

Re: FBI Virus Scam

Postby ryanvade » Sun Aug 18, 2013 10:59 am

People on G+ Linux community are asking questions about this too.
Does it pop up randomly or when you start your browser? Does it affect any other browser? If you have more info post it here so we can keep abreast of the situation


No, it would appear it's targeting Firefox or possibly Java.. Either way I would get rid of Java unless it's specifically needed and start using No Script and Ghostery and Ad block Plus.. I never browse the internet without them..
Image

Laptop: HP dv6t-7000 CTO Desktop: Compaq Presario SR21632wm
i5 2450m Pentium D 960 @ 4 GHz
6 GB ram 2 GB ram
Intel HD 3000 Graphics / Nvidia GT 630M Nvidia GT 520 @ 820 MHz
Diamond II-B KDE 3.11 /Windows 7 Home Premium KDE | Windows 7 Starter/ Diamond II-B KDE 3.10.10-ck1



User avatar

Topic Author
UltimateCat3
Forum Member
Forum Member
Posts: 1060
Joined: Tue Dec 13, 2011 7:42 am
Operating System: Oz Unity BlackOpal32
Location: OZ

Re: FBI Virus Scam

Postby UltimateCat3 » Sun Aug 18, 2013 11:58 am

It only pops up randomly when I clicked on wallpapers where I had been.
Not sure if it effects any other browser as I only use Firefox--

It happened twice but it's not occuring anymore.

I made sure to perform and update before I shut down that machine--
When I turn that machine back on tomorrow I will start using No Script, Ghostery and Ad Block Plus like you have advised.

This like you said is more of an annoyance than anything. ;miffed!

From what I have read it appears as a .exe file and looks like this but can be different each time
KB8649357


This pretty much explains what happend with my system.
FBI ransomware virus starts with popup and secret download, police warn - JSOnline

So far (from what I have read) this has not been the case for Linux and I have not found any evidence to support that this FBI junk has infected any of the Linux Distributions; Thank God! ;smile
Laptop: Sony Vaio
Intel i5 6GB RAM 1GB Radeon Turbo Boost
64-Bit architecture
CentOS

Gaming PC
MSI z87GD65 i7 Intel
MSI R7850 Twin Frozer 2GB GDDR5 Radeon
Triple Boot
Black Opal 64, Elementary OS & Linux Mint
Image

http://sites.google.com/site/ruledbytheheartart

"If it ain't broke don't fix it; it you can't fix it don't break it; you reap what you tweak"

User avatar

Blackwolf
Forum Administrator
Forum Administrator
Posts: 8427
Joined: Sun Dec 13, 2009 6:07 pm
Operating System: Star Sapphire x 64
Location: Melbourne,Australia.
Age: 49

Re: FBI Virus Scam

Postby Blackwolf » Sun Aug 18, 2013 3:48 pm

Star Sapphire 14.04.1 LTS, Trusty Tahr
nVidia EVGA Geforce GTX580 1536MB
Intel Core i7 2600K Quad Core Overclocked to 4.4GHz
Gigabyte Z68 UD7 Chipset, Corsair 16GB Kit (4x4GB) 1600MHz DDR3, OCZ 120GB Vertex 3 SSD
Corsair 8GB Kit (2x4GB) 1600MHz DDR3, OCZ 120GB Agility 3 SSD (WD 1TB Caviar SATA-III HDD)

HP DV6 Laptop 8x Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Oz Unity Diamond IIB

Add us on our as well as our
then follow us on !!
Image
Image

Image


Image

User avatar

Topic Author
UltimateCat3
Forum Member
Forum Member
Posts: 1060
Joined: Tue Dec 13, 2011 7:42 am
Operating System: Oz Unity BlackOpal32
Location: OZ

Re: FBI Virus Scam

Postby UltimateCat3 » Mon Aug 19, 2013 2:25 am

Adding Chostery and Ad Block Plus has indeed helped- ;smile
Thank You; Ryanvade

I found additional information about this FBI Virus and a Solution for people who have Mac's-
How to remove FBI viruses - Fake FBI malware removal (FBI ransomware) | Malware Removal - Software & Tutorials

Apple Mac OS X
How to remove FBI Cyber Department virus - Apple Mac OS X Ransomware removal | Malware Removal - Software & Tutorials

Thank You; Blackwolf ;smile
Laptop: Sony Vaio
Intel i5 6GB RAM 1GB Radeon Turbo Boost
64-Bit architecture
CentOS

Gaming PC
MSI z87GD65 i7 Intel
MSI R7850 Twin Frozer 2GB GDDR5 Radeon
Triple Boot
Black Opal 64, Elementary OS & Linux Mint
Image

http://sites.google.com/site/ruledbytheheartart

"If it ain't broke don't fix it; it you can't fix it don't break it; you reap what you tweak"


Return to “Black Opal”

Who is online

Users browsing this forum: CommonCrawl [Bot] and 0 guests