'Mandiant U.S.A Cyber Security' Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 7,280 |
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 433 |
| First Seen: | July 14, 2013 |
| Last Seen: | September 16, 2023 |
| OS(es) Affected: | Windows |
'Mandiant U.S.A Cyber Security' Ransomware Image
The 'Mandiant U.S.A Cyber Security' Ransomware belongs to the notorious Urausy family of malware. ESG security researchers have received reports that the 'Mandiant U.S.A Cyber Security' Ransomware blocks all access to Windows, threatening the computer user so a ransom of $300 USD will be paid. The 'Mandiant U.S.A Cyber Security' Ransomware blocks all access to the victim's files, Desktop or applications. The 'Mandiant U.S.A Cyber Security' Ransomware displays a fake message from the FBI as well as from other government agencies such as Interpol and the Department of Justice. The 'Mandiant U.S.A Cyber Security' Ransomware message threatens the victim, accusing them of participating in illegal activities such as viewing illegal pornographic material and distributing malware. ESG security researchers strongly advise against following the 'Mandiant U.S.A Cyber Security' Ransomware Trojan's instructions. The 'Mandiant U.S.A Cyber Security' Ransomware is not associated in any way with police enforcement; this fake message is part of a scam to try to steal your money.
The Huge Fine Asked by the 'Mandiant U.S.A Cyber Security' Ransomware
The 'Mandiant U.S.A Cyber Security' Ransomware demands payment of its $300 USD ransom through MoneyGram or MoneyPak. These are vouchers that are purchased in stores in the United States which permit computer users to make online payments. Although the 'Mandiant U.S.A Cyber Security' Ransomware message claims that the 'Mandiant U.S.A Cyber Security' Ransomware will unblock access to the infected computer if the ransom is paid, this is not true. It is important to remember that paying 'Mandiant U.S.A Cyber Security' Ransomware's ransom will do nothing to remove this threat from your computer or restore access to the infected computer.
The 'Mandiant U.S.A Cyber Security' Ransomware scam uses an elaborate, highly convincing ransom message. This message accuses the victim of viewing child pornography and other types of illegal pornographic material. The 'Mandiant U.S.A Cyber Security' Ransomware then goes on to list the different articles of the law that include the penalties for these types of offenses. These penalties are quite severe, including years of jail time and thousands of dollars in fines. These types of messages are meant to scare inexperienced computer users, making them believe that they are being prosecuted by the law. They are often written in the victim's country's language and reference the country's main police agencies. Viewing the 'Mandiant U.S.A Cyber Security' Ransomware message carefully reveals numerous inconsistencies, grammar errors and misspellings, indicating that it is actually part of a scam rather than a real, official message from the police.
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %AppData%\cache.dat |
Registry Details
URLs
'Mandiant U.S.A Cyber Security' Ransomware may call the following URLs:
| tagataman.de |
Messages
The following messages associated with 'Mandiant U.S.A Cyber Security' Ransomware were found:
|
Mandiant U.S.A. Cyber Security
FBI. Department of Defense U.S.A. Cyber Crime Center Interpol Attention! Your computer has been blocked for safety reasons listed below. You are accused of viewing/storage and/or dissemination of banned pornography (child pornography/zoophilia/rape etc). You have violated World Declaration on non-proliferation of child pornography. You are accused of committing the crime envisaged by Article 161 of United States of America criminal law. Article 161 of United States Of America criminal law provides for the punishment of deprivation of liberty for terms from 5 to 11 years. Also, you are suspected of violation of "Copyright and Related rights Law" (downloading of pirated music, video, warez) and of use use and/or dissemination of copyrighted content. Thus, you are suspected of violation of Article 148 of United States of America Criminal Law. Article 148 of United States of America criminal law provides for the punishment of deprivation of liberty for terms from 3 to 7 years or 150 to 550 basic amounts fine. It was from your computer, that unauthorized access had been stolen to information of State importance and to data closed for public Internet access. . . The penalty set must be paid in course of 48 hours as of the breach. On expiration of the term, 48 hours that follow will be used for automatic collection of data on yourself and your misconduct, and criminal case will be opened against you. Amount of fine is 300$. You can settle the fine with MoneyPak or MoneyGram xpress Packet vouchers. As soon as the money arrives to the Treasury account, your computer will be unblocked in course of 24 hours. Then in 7 day term you should remedy the breaches associated with your computer. Otherwise your computer will be blocked up again and criminal case will be opened against yourself (with no option to pay fine). |
