There is a malicious software called Kovter that has been floating around the Internet for several years now, locking people out of their computers, threatening them with warnings about turning them into the FBI for looking at porn on places like www.cartoonporno.xxx and demanding a $300 ransom in order to “unlock” the computer and simply make the problem go away.
Sound like some kind of far-fetched plot from a Sci-Fi Channel Original Movie? Well, unfortunately, it isn’t. Even though Kovter isn’t a new virus, it is particularly devious in the way that it deploys itself onto the computers of unsuspecting Internet surfers. All someone has to do is VISIT a web site that has been compromised by hackers who have placed infected images onto the web page, usually as part of an advertisement – the same kinds of advertisements that you see all over the Internet and on almost every major commercial news or information web sites, such as AOL, CNN, MSN or Huffington Post.
It has been reported in multiple news articles that AOL and Huffington Post, two very popular Internet news sites, both have been infected in the past few weeks, exposing thousands of users to the infected Kovter code, which DOES NOT require you to click on any links or download anything in order to infect your computer. It delivers its malicious code through data packets that take advantage of security vulnerabilities in older web browsers (or plug-ins), such as Internet Explorer 8, which is the newest version that Windows XP users can run. You may want to run this on your computer too if it is the correct version, you may be interested in some other computer software for your computer otherwise, you may also be interested in some computer repair services such as Steve’s computer repair service. It is important to keep your computer running healthy.
This blog post from Malwarebytes lists the affected web sites: https://blog.malwarebytes.org/malvertising-2/2015/01/major-malvertising-campaign-hits-sites-with-combined-total-monthly-traffic-of-1-5bn-visitors/
When the Kovter virus first made the news in 2013, it was mostly because the virus would first open up a child pornography web site on the infected computer before locking it down, adding a horror and shock value to the experience, before threatening to report the user to the FBI for visiting illegal web sites. It would claim that it had recorded the browsing history of the infected computer and would send that information to the federal authorities unless the user would pay a $300 ransom to the hackers, delivered to them through the use of a prepaid card called MoneyPak, which allows people to submit a non-traceable payment and supposedly unlock their computer for them.
The warning looks like this:
The good news is that the software does not report the computer owner to any authorities. In case you were wondering, paying the $300 ransom actually does nothing to fix your computer, either. It’s just a scam. If you happen to be unlucky enough to get the Kovter infection, all that you have to do is reboot your computer in Safe Mode and run any number of software infection removal tools, such as Malwarebytes or Microsoft Security Essentials, both of which are free software. (You can click on either one to go to the download page)
So, if the infection has been around for a few years, why is it making the news now? Because there has been a dramatic rise in the number of infections reported in recent months, and because the shock value of this infection is so severe. It doesn’t just lock your computer down – meaning the keyboard and mouse become unusable – but it actually opens up a child pornography page right on your screen before it does. It just doesn’t get much more offensive than that when it comes to computer viruses, and we would like to help people avoid it, if at all possible.
So, how do you avoid it, if it can infect you from legitimate web sites like AOL? Make sure that your Internet browser software is as up-to-date as possible. If you’re still using unsupported Windows XP (shame on you!) then you should avoid using Internet Explorer altogether, and you should switch to the latest version of Google Chrome or Mozilla Firefox. The oldest version of Internet Explorer that is safe from Kovter is Internet Explorer 9, which is not compatible with Windows XP: http://windows.microsoft.com/en-US/internet-explorer/products/ie-9/system-requirements
Remember that no matter how bad the computer virus infection is, PJ Networks can almost always find a way to safely remove it without having to reinstall your operating system or risk losing any of your programs or data. But, even if it comes to that point, we’re really good at bringing everything back to where you had it before you got infected. That’s just one of the many wonderful things that we do! 🙂
2015 is a brave new year in the computer world, and online threats continue to grow more and more evasive and sophisticated. So, make sure that you have good antivirus software, keep your browsers and plug-ins up to date and always be wary of suspicious-looking web sites or e-mail messages.
In other words – let’s be careful out there!
-Your PJ Networks Team
