Threat Database Ransomware ICE Cyber Crimes Center Ransomware

ICE Cyber Crimes Center Ransomware

By Domesticus in Ransomware

Threat Scorecard

Ranking: 3,222
Threat Level: 20 % (Normal)
Infected Computers: 6,229
First Seen: February 19, 2013
Last Seen: September 20, 2023
OS(es) Affected: Windows

ICE Cyber Crimes Center Ransomware Image

The ICE Cyber Crimes Center Ransomware infection is a ransomware that targets computer users in the United States. The ICE Cyber Crimes Center Ransomware Trojan demands the payment of a fine of up to $400 USD and is very similar to the countless other ransomware attacks such as the ones perpetrated by the Cheshire Police Authority Ransomware, the Metropolitan Police Ukash Virus and the Politie Nederland Ransomware ESG security researchers have observed in recent years. While ransomware scams were relatively limited to Europe until recently, in 2012 a wave of ransomware attacks started to spread throughout North America. The ICE Cyber Crimes Center Ransomware is one of these more recent variants in ransomware families. Like other ransomware attacks, the ICE Cyber Crimes Center Ransomware accuses its victims of illegal activities and then demands money to pay a supposed fine. Unlike other ransomware, the ICE Cyber Crimes Center Ransomware infection includes a warning that failure to pay its fine will cause the deletion of all files, photos and documents on the infected computer.

The ICE Cyber Crimes Center Ransomware message claims that the victim's computer was blocked because it violated the laws of the United States. Some accusations include the distribution of illegally copied files and viewing child pornography. The ICE Cyber Crimes Center Ransomware message also lists the maximum penalties under the law for these supposed infractions, such as fifteen years of jail time for viewing forbidden pornographic material. It is important to note that the ICE Cyber Crimes Center Ransomware scam is not associated with the United States government and that the ICE Cyber Crimes Center Ransomware is a common malware scam used to force computer users to pay substantial fines through coercion.

Dealing with the ICE Cyber Crimes Center Ransomware Infection

The victim's computer is actually blocked by a malicious component of the ICE Cyber Crimes Center Ransomware known as a Winlocker. This ransomware infection makes changes to the infected computer's settings that prevent the victim from accessing the Windows desktop or files stored on the infected computer. Common ways of bypassing this message (such as the Start Menu key or the Windows Task Manager) are also blocked. The ICE Cyber Crimes Center Ransomware demands payment of its ransom of $400 USD through MoneyPak, a common online payment service. ESG malware analysts strongly advise against paying the ICE Cyber Crimes Center Ransomware's fine. Instead, victims of this malware threat should use a reliable anti-malware scanner to remove this infection and an alternate boot method to bypass its Winlocker component.ScreenshotScreenshot

File System Details

ICE Cyber Crimes Center Ransomware may create the following file(s):
# File Name Detections
1. [PATH OF MALWARE]\[RANDOM].exe
2. [PATH OF MALWARE]\[RANDOM].dll
3. %LocalAppData%\[RANDOM CHARACTERS]
4. %AppData%\[RANDOM CHARACTERS]
5. %CommonAppData%\[RANDOM CHARACTERS]
6. %UserProfile%\Templates\[RANDOM CHARACTERS]

Registry Details

ICE Cyber Crimes Center Ransomware may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "cmd.exe"
HKEY_CLASSES_ROOT\CLSID\{750fdf0e-2a26-11d1-a3ea-080036587f03}\InProcServer32 "(Default)" = "[PATH OF MALWARE]\[RANDOM].dll"
HKEY_CURRENT_USER\Software\Microsoft\Command Processor "AutoRun" = "[PATH OF MALWARE]\[RANDOM].exe"
HKEY_CLASSES_ROOT\CLSID\{28949824-6737-0594-0930-223283753445}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM].exe" = "[PATH OF MALWARE]\[RANDOM].exe"
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{28949824-6737-0594-0930-223283753445}
HKEY_CLASSES_ROOT\CLSID\{28949824-6737-0594-0930-223283753445}\InProcServer32 "(Default)" = "[PATH OF MALWARE]\[RANDOM].dll"

URLs

ICE Cyber Crimes Center Ransomware may call the following URLs:

captchadecode.com

Messages

The following messages associated with ICE Cyber Crimes Center Ransomware were found:

ICE
The ICE Cyber Crime Center
Your computer has been blocked
The work of your computer has been suspended on the grounds of unauthorized cyber activity.

Possible violations are described below:

Article -174. Copyright
Imprisonment for the term of up to 2-5 years
(The use or sharing of copyrighted files). A fine from 18,000 up to 23,000 USD

Article - 183. Pornography
Imprisonment for the term of up to 2-3 years
(The use of distribution of pornographic files). A fine from 18,000 up to 25,000 USD

Article - 184. Pornography involving children (under 18 years)
Imprisonment for the term of up to 10-15 years
(The use or distribution of pornographic files). A fine from 20,000 up to 40,000 USD

Article - 104. Promoting Terrorism
Imprisonment for the term of up to 25 years without appeal
(Visiting the websites of terrorist groups). A fine from 35,000 up to 45,000 USD

Article - 68. The distribution of virus programs
Imprisonment for the term of up to 2 years
(The development or distribution of virus programs, which have caused harm to other computers). A fine from 15,000 to 28,000 USD.

To unlock your computer and to avoid other legal consequences you are obligated to pay a release fee of $300 USD.

An attempt to unlock this computer by yourself will lead to the full formatting of the operating system. All the files, videos, photos, documents on your computer will be deleted.
The ICE Cyber Crimes Center
The common law is the will of Mankind issueing from the life of the people
Your computer has been blocked
The Work of your computer has been suspended on the grounds of the violation of the law of the United States of America
Possible violations are described below:
Article ? 184. Pornography involving children (under 18 years)
Imprisonment of the term of up to 10-15 years
(The use or distribution of pornographic files)

Trending

Most Viewed

Loading...