ACMA ransomware refererer til en screen-locker-malwareinfektion, der låser brugernes skærme og viser en besked om, at brugere vil blive sigtet for flere alvorlige forbrydelser (specifikt at se/distribuere børnepornografi), medmindre de accepterer at betale en bøde. Malwaren låser brugernes skærme og forhindrer dem i at kunne gøre noget. Indholdet af skærmskabet er helt falsk.
Når ACMA (Australian Communications and Media Authority) ransomware startes på en computer, låser den brugernes skærme og viser en falsk skærm, der hævder, at du er ved at blive sigtet for en lang række alvorlige forbrydelser, specifikt at se og distribuere børnepornografiske videoer. Denne særlige skærmlås-malware er rettet mod australske brugere baseret på de forskellige australske retshåndhævende myndigheder, der nævnes, men der er masser af andre versioner, der er rettet mod brugere i andre lande.
Teksten i skærmskabet forklarer, at hvis brugerne ønsker at undgå at blive retsforfulgt for deres formodede forbrydelser, skal de betale en bøde inden for 48 timer. Hvis de gør det, vil de formodede anklager forsvinde. Det siger sig selv, at indholdet af skærmskabet er falsk, og at det ville være spild af penge at betale.
Den fulde tekst fra er ACMA ransomware nedenfor:
Australian Communications and Media Authority (ACMA)
AFP. Crime Commission (ACC)
Royal Australian Corps of Military Police (RACMP)ATTENTION!
Your computer has been blocked for safety reasons listed below.You are accused of viewing/storage and/or dissemination of banned pornography (child pornography/zoophilia/rape etc). You have violated World Declaration on non-proliferation of child pornography. You are accused of committing the crime envisaged by Article 161 of Commonwealth of Australia criminal law.
Article 161 of the Kingdom of Australia criminal law provides for the punishment of deprivation of liberty for terms from 5 to 11 years.
Also, you are suspected of violation of “Copyright and Related rights Law” (downloading of pirated music, video, warez) and of use use and/or dissemination of copyrighted content. Thus, you are suspected of violation of Article 148 of Commonwealth of Australia criminal law
Article 148 of Commonwealth of Australia criminal law provides for the punishment of deprivation of liberty for terms from 3 to 7 years or 150 to 550 basic amounts fine.
It was from your computer, that unauthorised access has been stolen to information of State importance and to data close for public Internet access.
Unauthorised access could have been arranged by yourself purposely on mercenary motives, or without your knowledge and consent, provided your computer could have been affected by malware. Consequently, you are suspected – until the investigation is held – of innocent infringement of Article 215 of Commonwealth of Australia criminal law (“Law on negligent reckless disregard of computers and computer aids”).
Article 215 of Commonwealth of Australia criminal law provides for the punishment of deprivation of liberty for terms from 5 to 8 years and/or up to AUD $100,000 fine.
Further after information of your personal computer was examined, it was found that your personal computer has been regularly used for bulk-spamming either arranged by yourself purposely on mercenary motives, or with ought your knowledge and consent, provided your computer could have been affected my malware. Bulk-spamming is a way to disseminate malware of banned pornography. Consequently you are suspected – until the investigation is held – of innocent infringement of Article 301 of Commonwealth of Australia criminal law (“On bulk-spamming and malware (virus) dissemination”).
Article 301 of Commonwealth of Australia criminal law provide for the punishment of deprivation of liberty for term from 5 years, and up to AUD $250,000 fine.
Please, mind that both your personal identities and location are well identified, and criminal case can be opened against you in course of 96 hours as for commission of crimes per above Articles. Criminal case can be submitted to court.
However, pursuant to Amendments to Commonwealth of Australia criminal law dated july 10, 2013, and according to Declaration on Human Rights, your disregard of law may be interpreted as unintended (if you had no incidents before) and no arraignment will follow. However, it is a matter of whether you have paid the fine of the Treasury (to the effect of initiatives aimed at protection of cyberspace).
The penalty set must be paid in course of 48 hours as the breach. On expiration of the term, 48 hours that follow will be used for automatic collection of data on yourself and your misconduct, and criminal case will be opened against you.Amount of fine is AUD $100. You can settle the fine with Ukash vouchers.
As soon as the money arrives to the Treasury account, your computer will be unblocked in course of 24 hours.
Then in 7 day term you should remedy the breaches associated with your computer. Otherwise your computer will be blocked up again and criminal case will be opened against yourself (with no option to pay fine).
Please mind that you should enter only verified pass of vouchers and abstain from caching out of vouchers once used for the fine payment. If erroneous pass were entered, or if attempt was made to cancel vouchers after transaction then, apart from above breaches, you will be charged with fraud (Article 377 of Commonwealth of Australia criminal law, 1 to 3 years of imprisonment) and criminal case will be opened.
Copyright Alliance
Internet Police Department
Cyber Crime Investigations – Corporate Theft Analysis Experts
Cyber Crime Unit
Under supervision of Ministry of Interior, Interpol, Copyright Alliance, International Cyber Security Protection Alliance.
Hvordan inficerer malwaren computere?
Ransomware kan distribueres på flere måder, såsom torrents, exploit kits, e-mails osv. Hvis du har gode browsingvaner, er du mindre tilbøjelig til at få en malwareinfektion, fordi du er mere forsigtig, når du er online. At udvikle bedre vaner er en fantastisk måde at undgå malware på i fremtiden.
At være i stand til at genkende ondsindede e-mails er en god færdighed at have, da e-mails, der indeholder malware, er ret almindelige. Brugere, hvis e-mailadresser tidligere er blevet kompromitteret, er særligt sårbare over for at modtage ondsindede e-mails.
I mange tilfælde vil ondsindede e-mails være meget generiske og ret nemme at genkende. For eksempel indeholder disse e-mails ofte adskillige grammatik- og stavefejl, mens de forsøger at efterligne legitim korrespondance fra forskellige virksomheder.
Vær forsigtig med e-mails, der bruger generiske ord som “bruger”, “medlem” eller “kunde”, når du henviser til dig, da dette kan indikere spam eller ondsindede hensigter. Velrenommerede virksomheder henvender sig typisk til deres kunder ved navn i deres e-mails for at skabe en mere personlig følelse. Cyberkriminelle er ofte afhængige af generiske ord, fordi de normalt mangler adgang til flere personlige oplysninger ud over en e-mailadresse. Hvis du modtager en uopfordret e-mail med en generisk hilsen, især en, der indeholder en vedhæftet fil, skal du være forsigtig – den kan indeholde skadeligt indhold.
Det er også vigtigt at bemærke, at målrettede e-mails kan være meget mere sofistikerede. Disse e-mails har generelt ingen stavefejl eller grammatiske fejl, indeholder troværdige detaljer og adresserer modtageren ved navn. Derfor er det klogt altid at scanne uopfordrede vedhæftede filer i e-mails med anti-malware-software eller tjenester som VirusTotal .
Desuden distribueres malware ofte gennem torrents. Mange torrent-websteder er dårligt reguleret, hvilket gør det muligt for ondsindede aktører at uploade torrents, der indeholder malware. Typisk er malware skjult i torrents til underholdningsindhold som film, tv-shows og videospil. Download af ophavsretligt beskyttet materiale via torrents er ikke kun ulovligt, men sætter også din computers sikkerhed i fare.
Er det en rigtig skærmlås vist af australsk politi?
Denne advarsel er helt tydeligt ikke vist af Australian Communications and Media Authority, ikke af Australiens kriminalkommission og ikke af Royal Australian Corps of Military Police. Det siger sig selv, at retshåndhævende myndigheder ikke låser brugernes skærme og tilbyder bare at betale en bøde, når de begår en forbrydelse, især hvis de begår noget så alvorligt som at se/distribuere videoer om børnemisbrug. Ideen om, at nogen kunne slippe af sted med at betale en bøde for distribution af børnepornografi, er fuldstændig latterlig, da det er en meget alvorlig forbrydelse.
Disse låseskærme, der hævder at være fra retshåndhævende myndigheder, er aldrig legitime. De vises af en ransomware-infektion, ikke af en retshåndhævende myndighed.
ACMA ransomware fjernelse
For at fjerne ACMA ransomware skal du bruge et anti-malware-program. Det er en alvorlig malware-infektion og kræver et professionelt program for at fjerne den. Men for at omgå låseskærmen og bruge dit anti-malware-program, skal du starte din computer i sikker tilstand. Vi anbefaler ikke at prøve at slette ACMA ransomware manuelt, da du kan ende med at forårsage endnu mere skade på din enhed.