One Woman’s Experience with the DOJ Virus
By Judee Szaro-Treanor
Was the Department of Justice (DOJ) really watching every move I made on my computer?
Recently, that was my initial reaction, and it seemed like a reasonable question to ask myself, with all the recent headlines about government surveillance, and Edward Snowden, former technical contractor for the United States National Security Agency (NSA), also a former employee of the Central Intelligence Agency (CIA), who leaked details of several top-secret U.S. and British government mass surveillance programs to the press.
Here’s what caused me to ask myself the aforementioned question. One day, out of the blue, my computer screen froze and an official-looking DOJ seal appeared at the top of my screen.
A message appeared indicating that “child pornography and illicit/illegal software were detected on this (my) computer.” The message urged me to follow the instructions given and respond within 48 hours, or face criminal federal prosecution and lengthy jail time.
“Interesting,” I thought to myself, knowing full well that none of those accusations were even remotely true.
The instructions? To go to Kmart, Wal-Mart, or one of the other stores shown (logos conveniently provided) and get a cash card for $450. Then, enter the card code in the space shown on the screen. This was the “fine” assessed by the “DOJ.”
The message said that if I paid the fine, they would let the incident go – this time. I used my smartphone to do a little search on the real DOJ website. My search revealed that I was dealing with a nasty piece of ransomware, known as the dreaded DOJ virus.
Essentially, this virus locks your computer (even the webcam) and requests a bounty, or fine, of $300 to $450 to unlock it. If you pay the fine, supposedly you avoid prosecution by the federal government. In truth, this virus is actually polymorphic, which means no modern anti-virus software can stop it from executing.
Primarily, it enters the computer silently through a Java exploit. And, once infected, your computer is essentially useless. You can’t execute any programs and the virus will reappear after you reboot.
Now the big question – once your computer contracts this virus, how do you get rid of it?
Over several nights, my husband worked with a technical support person to clear out the ransomware. He got rid of the DOJ screen, but my Internet capability was compromised and my home screen froze after booting up the machine. I had to buy a new laptop and hire a professional to clean the infected machine.
So, how did my computer get infected with this virus? The answer: I have no idea.
Several online technical sites said that visiting malicious websites, or even valid websites that were compromised, may load this DOJ Trojan horse onto a computer. Junk email containing infected attachments, or links to malicious sites, can do the same thing.
The virus can also be downloaded manually, by deceiving the user into believing he or she is installing a useful piece of software. It’s also common on peer-to-peer file sharing sites and is frequently packaged with pirated, or illegally-acquired, software.
Lesson of the day: Make sure your computer has malware protection installed and that it is up to date and actively working.