Computer Related > "Sheffield Police" Ransomware Scam Computing Issues
Thread Author: Meldrew Replies: 11

 "Sheffield Police" Ransomware Scam - Meldrew
Two days ago I suddenly got a whole screen pop-up telling me that my computer had been Locked and the only way to unlock it was to go online and pay a £100 "Fine". The screen, complete with usual typos etc, purported to be from Sheffield Police and Serious Organised Crime Agency. Luckily I have a computer savvy colleague who was able to unlock it for me, for a good bottle of wine. He used a recovery disc from Kaspersky and tells me that, unless I am prepared to pay £200 a year for what he calls a proper firewall/anti virus package, it could happen again.

Loads of info online, just google for Sheffield Police Scam and there are other ways of getting rid of it. It is very cunning: if you try to start in safe mode, to access system restore etc, it starts and then when you type in your access password, it shuts down and starts normally!
 "Sheffield Police" Ransomware Scam - Focusless
South Yorks police info: www.southyorks.police.uk/node/1823
 "Sheffield Police" Ransomware Scam - L'escargot
>> He used
>> a recovery disc from Kaspersky and tells me that, unless I am prepared to pay
>> £200 a year for what he calls a proper firewall/anti virus package, it could happen
>> again.

I have Kaspersky Internet Security 2013 which is automatically updated. Would he/you call that a proper firewall/antivirus package?
Last edited by: L'escargot on Wed 24 Jul 13 at 09:04
 "Sheffield Police" Ransomware Scam - Zero
Don't think your friend is that computer savvy.

1/ Two minutes with registry edit started from safe mode with command prompt would have got rid of it.

2/ It's just a Win32/Reveton trojan and free MSE blocks it if it's updated.

3/ Nothing to do with a firewall.

4/ Find me an AV package that costs 200 quid per year.
 "Sheffield Police" Ransomware Scam - Meldrew
£200 a year was for something to 100% protect a business. Most of the free or low-cost ones will not keep Sheffield out. He mentions something called MBAM Pro but not a cost. He says it would have kept the Sheffield thing out though.
Last edited by: Meldrew on Wed 24 Jul 13 at 09:12
 "Sheffield Police" Ransomware Scam - Zero
>> £200 a year was for something to 100% protect a business. Most of the free
>> or low-cost ones will not keep Sheffield out. He mentions something called MBAM Pro but
>> not a cost. He says it would have kept the Sheffield thing out though.

That's about 20 quid. I'd call that low cost.

If the low cost ones do not keep it out, we would all have it and it would be endemic.


Your friend? He snoweth you.
Last edited by: Zero on Wed 24 Jul 13 at 09:15
 "Sheffield Police" Ransomware Scam - Meldrew
Don't care what he did! He fixed my computer!
 "Sheffield Police" Ransomware Scam - Meldrew
Googling MBAM goes to a well regarded programme called Malwarebytes.
 "Sheffield Police" Ransomware Scam - Zero
Yes, 20 quid.
 "Sheffield Police" Ransomware Scam - TeeCee
>> £200 a year was for something to 100% protect a business.
>>

Er, cobblers.
I'm afraid that the "corporate" versions use the same mechanisms as the others. If it's not had an update for that threat, it'll get through. The extra cash is for the central admin capabilities, the ability to define your own update servers, etc. All of which you don't need.
As far as protection offered goes, there is absolutely no difference between say, Norton Internet Security and Symantec Endpoint Protection.

It's rather more annoying when something nasty's rife on over 100,000 machines globally, I can tell you.
 "Sheffield Police" Ransomware Scam - Focusless
How do you get infected?
 "Sheffield Police" Ransomware Scam - TeeCee
>> How do you get infected?
>>

The two most prevalent methods right now are:

1) Moody advert with a bit of dodgy Java to drop the beastie into your machine and an A/V system that isn't up-to-date enough to block it. Avoiding this one means keeping Java up to date, removing old Java versions (as the installer for newer versions often doesn't) and ensuring your A/V system is up to date at all times.
Disabling the browser's Java plugin is the best approach, but not an option for most.

2) You install something that comes with a FREE! toolbar or FREE! virus scanner or FREE! faceberk widget or somesuch. Hint: If someone's going out of their way to push you to install something, there's probably a very good reason why. Avoiding this one means being more careful. Once you've pressed that "Allow" button on the UAC popup, you've given away the keys to the kingdom. Think twice, click once is the answer here.
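
An added example, not part of the thread or any poster's own code: a PowerShell check for the old Java versions that point 1) says newer installers often leave behind. It assumes the runtimes are registered under the standard Windows Uninstall registry keys with display names such as "Java 7 Update 25" or "Java(TM) 6 Update 45"; the name pattern and the status labels are assumptions made for this example.

```powershell
# Added example: list installed Java runtimes and flag every one that is older
# than the newest copy in the same registry view (native vs. 32-bit-on-64-bit).
# Assumption: installers register under the standard Uninstall keys with names
# like "Java 7 Update 25" or "Java(TM) 6 Update 45".
$views = @{
    'native'      = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    'WOW6432Node' = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
}

$found = foreach ($view in $views.GetEnumerator()) {
    # A missing key (e.g. WOW6432Node on 32-bit Windows) is silently skipped.
    Get-ItemProperty -Path $view.Value -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match '^Java(\(TM\))? \d+ Update \d+' } |
        ForEach-Object {
            $parsed = $null
            # DisplayVersion is normally dotted (e.g. 7.0.250); treat anything
            # unparsable as 0.0 so it sorts as the oldest entry.
            if (-not [version]::TryParse([string]$_.DisplayVersion, [ref]$parsed)) {
                $parsed = [version]'0.0'
            }
            [pscustomobject]@{
                View            = $view.Key
                Name            = $_.DisplayName
                Version         = $parsed
                UninstallString = $_.UninstallString
            }
        }
}

# Within each view, only the highest version is kept; the rest are leftovers.
$report = $found | Group-Object View | ForEach-Object {
    $newest = ($_.Group | Sort-Object Version -Descending | Select-Object -First 1).Version
    $_.Group | Select-Object View, Name, Version,
        @{ n = 'Status'; e = { if ($_.Version -lt $newest) { 'OLD - remove' } else { 'newest installed' } } },
        UninstallString
}

if ($report) {
    $report | Sort-Object View, Version | Format-Table -AutoSize -Wrap
} else {
    'No Java runtime found in the Uninstall keys.'
}
```

"newest installed" only means the highest version present on that machine; whether it is the current release still has to be checked against the vendor's download page.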