Anonymous Virus (Ransomware)

Anonymous Virus (Ransomware) Image

The Anonymous Virus is a peculiar variant of the infamous ransomware Trojan usually detected as the Ukash Virus. Rather than impersonating a law enforcement agency, like the many other variants of this malware threat, the Anonymous Virus impersonates a message from an online collective associated with 4-Chan known as Anonymous. This group has frequently been mentioned as a terrorist group due to the attacks they carry out using online resources. However, ESG security researchers have observed that the Anonymous Virus is simply one more version of a known ransomware Trojan and that any direct connection with Anonymous is nonexistent. Rather, the Anonymous Virus claims this association in order to make its attack more believable and to scare inexperienced computer users into paying a ransom of one hundred pounds. The Anonymous Virus displays the following ransomware message:

We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.
Tango down!
Your computer has been hacked by the Anonymous Hackers Group and locked for the moment. All files have been encrypted. You need to pay a ransom of £100 within 24 hours to restore the computer back to normal. If the ransom is not paid on time all the contents of your computer will be deleted and all your personal information such as your name, address, D.O.B., etc. will be published online, after this has been done the process, ram and motherboard will be fried.

This malware threat is used to attack computer users located in the United Kingdom. Despite the claims the Anonymous Virus makes in its message, the Anonymous Virus does not actually encrypt your files and does not possess the capability to steal your personal information, delete the contents of your computer or damage your hardware. All this malware infection does is block access to the infected computer by making changes to the Windows Registry that allow the Anonymous Virus start up automatically while blocking access to Windows services such as the Registry Editor or the Task Manager at the same time. This effectively prevents the computer user from gaining access to the infected computer which will have been taken hostage by this malware threat. ESG security researchers strongly advise against paying the Anonymous Virus' ransom. Doing this will do nothing to unlock your computer and will result in criminals gaining access to your valuable personal information.

Fortunately, the Anonymous Virus can be removed in the same way as most Ukash Virus infections. The most important step in removing the Anonymous Virus is gaining access to security software installed on the affected computer. To do this, computer users should use an alternative boot method such as starting up Windows from an external memory device. More advanced computer users can gain access to the Registry Editor by starting up in Safe Mode with a Command Prompt. The Anonymous Virus is not difficult to remove manually but, since this requires manipulating the Windows Registry, ESG security researchers instead recommend using a reliable anti-malware tool to carry out automatic removal of this malware infection.