Trojan:HTML/Ransom.A

By GoldSparrow in Trojans

The Trojan:HTML/Ransom.A Trojan is a malware infection that takes the victim's computer hostage and refuses to return control of the affected PC until the victim pays a ransom. This Trojan infection is known by several different names and is usually referred to as a variant of the Ukash Virus. One of the reasons why Trojan:HTML/Ransom.A has so many different names is that it adapts its payload according to the victim's IP address. Computer users in the United States will receive an entirely different payload than computer users in the United Kingdom, Germany or Italy. Variants of Trojan:HTML/Ransom.A have been uncovered targeting computers in most of the member states of the European Union, as well as the United Kingdom, United States and Canada.

Malware programs like Trojan:HTML/Ransom.A are often referred to as Winlockers, since their main tactic consists of locking the victim out of their desktop and files. If you are not able to access your files and some kind of alarming message demanding cash is displayed when you log on to Windows, there is a good chance that your machine is infected with Trojan:HTML/Ransom.A or one of its many variants. Fortunately, Winlockers are usually not very complex. To bypass their alarming message, it is often enough to start up Windows in Safe Mode or from an external drive. Then, most reliable anti-malware programs will have no trouble dealing with a Trojan:HTML/Ransom.A Trojan infection.

How the Trojan:HTML/Ransom.A Scam Works

Most of the time, Trojan:HTML/Ransom.A's alarming message will impersonate the law enforcement agency of the targeted country. This message will usually claim that the infected computer was involved in copyright infringement (that is, distributing and containing illegally-copied media and software) or that it was involved in illegal pornographic activities (such as trafficking in child pornography). Trojan:HTML/Ransom.A will claim that the victim's computer system has been locked by law enforcement until a fine is paid, usually via the Ukash money transfer service. Of course, legitimate law enforcement agencies do not work in this way, and Trojan:HTML/Ransom.A's message has absolutely no connection to any official institution.

The Trojan:HTML/Ransom.A attack is tailored to fit the infected computer's country of origin. The message Trojan:HTML/Ransom.A displays will contain official seals and logos for that country's law enforcement agency (for example, computer users in the United States would receive a message from the FBI and computer users in the United Kingdom would receive a message from Scotland Yard). It will also be written in the targeted country's language, and the ransom Trojan:HTML/Ransom.A demands will be displayed in that country's currency.
