Reveton Ransomware Updated Again: You have 48 Hours to Pay or Else

Will Trojan.Ransomlock.G (better known as “Reveton”) really reformat your computer and delete all of your precious files if you refuse to pay the ransom fee?

Symantec researchers say that although the Reveton malware authors updated the lock screen to suggest that any attempt to manually remove the ransomware will result in the infected computer’s hard-drive being wiped, there’s no indication that the malware actually contains such functionality.

Infact, they were able to manually remove the latest Reveton variant and unlock the computer without any subsequent hard-drive reformats or file loss during their analysis. For the most part, the only real changes in new variant appear to be:

• the empty threat of deleting files by reformatting the operating system


• a higher ransom fee of $300


• a countdown timer indicating that victims only had 48 hours to pay or “suffer the consequences”

Screenshot Credit: Symantec

Got Reveton Ransomware?

As a reminder, ransomware victims are urged to ignore the ransom demands and follow the instructions below instead:

• Perform a full system scan using up-to-date antivirus software. If you happen to experience any difficulty detecting the threat, you can give these tools a try:
  
  
  
  • Norton Power Eraser
  
  
  • ESET Rogue Application Remover (ERAR)
  
  
  
  


• Users that are more tech-savvy can (carefully) restore system registry settings to their previous values. See Symantec’s write-up for instructions on how to do this.

Steps to Keep Your Computer Ransomware Free

Here are some precautionary steps you can take if you don’t fancy the idea of ransomware taking your PC hostage and making monetary demands:

• Keep your operating system & installed third-party software fully patched and up-to-date.


• Always run antivirus software and keep the virus definitions current.


• Do not download or open files attached to unsolicited emails.


• Use a Windows user account that has limited privileges (unable to install software).


• Remain vigilant when surfing the internet and always use a URL expander to check the destination URL for shortened links before following them.

[via Symantec]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+