Activation Screen Ransomware Foiled by Symantec
Posted by: Timothy Weaver on 08/08/2016 09:34 AM
[
Comments
]
U.S. users are being targeted with a new variation of ransomware that poses as a Windows activation window and asks for an activation number. It also gives an 800 number to call for help.
The infection comes from downloading a program called freedownloadmanager.exe. Once downloaded, the activation screen appears along with two icons. One is for TeamViewer and the other for LogMeIn. It is unclear at the moment if these will play a part in the ransom.
Symantec, which first noticed the ransomware along with security researcher S!Ri, tried calling the number but got no answer. A google search of the number provided many poisoned hits which all indicate that one needs to pay the ransom to get the screen unlocked.
However, Symantec developers and VMRay developer Chad Loeven have discovered that if one inputs 8716098676542789 into the activation field, the ransomware will be removed.
Source: SoftPedia
The infection comes from downloading a program called freedownloadmanager.exe. Once downloaded, the activation screen appears along with two icons. One is for TeamViewer and the other for LogMeIn. It is unclear at the moment if these will play a part in the ransom. Symantec, which first noticed the ransomware along with security researcher S!Ri, tried calling the number but got no answer. A google search of the number provided many poisoned hits which all indicate that one needs to pay the ransom to get the screen unlocked.
However, Symantec developers and VMRay developer Chad Loeven have discovered that if one inputs 8716098676542789 into the activation field, the ransomware will be removed.
Source: SoftPedia
Comments
