Troj/Urausy Ransomware Family of Badware
The Troj/Urausy Ransomware family consists of computer infections that pretends to be a government agency locking you out of your computer unless you pay a ransom. The infection locks you out of your computer by displaying a lock screen before you can access the Windows desktop. This lock screen states that you are breaking the law by viewing child pornography, distributing copyrighted programs, or downloading copyright programs. In order to remove the lock screen you will be required to pay a fine in the form of a MoneyPak or CashNow voucher that you input into the lock screen. This screenlocker is obviously not from a government agency, so please do not pay the requested ransom.
When infected with a variant of the Troj/Urausy Ransomware family, your computer wil perform the following behavior:
- When you login to Windows you will be shown a screenlocker that pretends to be from a government agency located in your country. This lock screen will state that you need to pay a fine in order to access your Windows desktop again.
- The screenlocker you will be shown is dependent on the country your computer is connecting from. For example, if your IP Address is located in the United States you may be shown a message from the FBI, while if you are in Argentina it would be from Police Federal Argentine.
Latest programs belonging to the Troj/Urausy Ransomware family:
-
Cyber Command of New York Ransomware
Added on 10/17/13
-
The Guardians of the Peace of Ireland Ransomware
Added on 08/19/13
-
New Zealand E-Crime Lab Ransomware
Added on 07/23/13
-
Ministry of Public Safety Canada Ransomware
Added on 07/19/13
-
Australian Communications and Media Authority (ACMA) Ransomware
Added on 07/16/13
-
Serios Organised Crime Agency UK Ransomware
Added on 07/15/13
-
Mandiant U.S.A Cyber Security Ransomware
Added on 07/14/13
-
FBI Cybercrime Division Ransomware
Added on 03/29/13
-
Urausy Trojan
Added on 01/31/13
