Criminals trick PC users into paying up

“Police virus” spearheads malicious ransomware:

We are currently seeing a proliferation of malware which locks the PCs of European users and demands a ransom.  People who write viruses are constantly looking for new ways to get money from their victims. At the same time ordinary, legitimate websites have begun to pose a significant risk of infection. 

May 2013: Many European PC users have been affected by a new wave of what is known as the “Police virus” of late. The message displayed claimed to have been sent by the police. It locks your PC and says that the police have found illegal material on the computer, such as illegal films and music, pornography or viruses. You are then asked to pay a fine in order to regain control of your PC.

This is one of a number of recent examples of what is known as “ransomware”, which poses a growing threat to European PC users. The virus can be spread in a variety of ways; via websites, in e-mails and by file sharing.

Once the PC has been infected and locked, getting rid of the virus is difficult. Many people may experience a sense of desperation when they are unable to use their PCs and lose access to all the data they had stored there. Norman has created a solution for removal of the virus that will help affected users to resolve the problem (link), but the best thing to do is be proactive and make sure your security software is updated, thereby avoiding the problem altogether.

And above all – do not pay. This will not resolve the problem.

“Secure websites” no longer secure

We are also seeing a growing problem whereby ordinary, legitimate websites are becoming an important source of malware infection. It is no longer enough for users just to surf safely and avoid dodgy websites.

Malware can be spread via known websites by using advertisements to gain access, or if the sites are hacked. Automated advertising networks, whereby it is harder for websites to maintain control over what is served to users, are becoming more and more common.

This means that unsuspecting users can be infected by ransomware or other viruses and malware from sites that they think are safe.

Awareness and protection

It is important for users always to be aware of the threats, and for them to be suspicious of dubious websites, mail, attachments and permission requests from unknown software. But as hackers become ever more devious, it is becoming harder and harder to tell threats apart from legitimate content.

“Bad English and local language are not always enough to identify hackers. Users are now being presented with well designed content, good language, and genuine logos, often with local adaptations. They also use the news feeds cynically in order to trick Internet users, such as by playing on the terrorist bombs in Boston. You have to have a good security solution in place to deal with such threats,” says Uppheim.

Norman itself receives between 100 000 and 130 000 new instances of malicious code every day.

The complexity of the solutions we surround ourselves with every day, not least on our mobiles and PCs, is much, much greater than it was even a few years ago. Malware has gradually become cynical big business. Old threats do not stop being threats, either. They never go out of date, but continue to live online. Most importantly, users must have a solution that protects them as effectively as possible. Make sure your security software has not expired. And that Windows and all your software have been updated.

For more information, please contact:
Arne Uppheim, Product Director, Norman
Tel.: 481 88 095


Stephanie Kane
AVG Technologies
+ 44 7817 631016

Isabella Alveberg
Norman Safeground
+47 95730578


Keep in touch with AVG