Canadian Security Intelligence Service (CSIS) Pop-up Alert

Canadian Security Intelligence Service (CSIS) Pop-up Alert Description

Screenshot

The Canadian Security Intelligence Service (CSIS) pop-up alert and the Ukash Virus

Until recently, the infamous Ukash virus had only attacked computer systems located in Europe. However, recent versions of this Winlocker have appeared targeted towards computer users in the United States and Canada. For a long time, the Ukash virus (known for such ransomware as the Metropolitan Police attack) was a relatively obscure malware attack. However, ESG security analysts detected a few months ago that the criminals behind this virus made the Canadian Security Intelligence Service (CSIS) pop-up alert available on an affiliate basis, allowing hackers to profit by infecting as many computer as possible with the Canadian Security Intelligence Service (CSIS) pop-up alert. In the last couple of years, this has given rise to a host of different versions of this Winlocker, in a dozen of languages and impersonating dozens of different law enforcement agencies around the world. The Canadian Security Intelligence Service (CSIS) pop-up alert is basically the Canadian version of this fake police message. Make no mistake about it, the Canadian Security Intelligence Service (CSIS) pop-up alert has no relationship to the CSIS but is actually part of a well-known malware infection.

How the Canadian Security Intelligence Service (CSIS) Pop-up Alert Scam Works

Like other versions of the Ukash virus, the Canadian Security Intelligence Service (CSIS) pop-up alert claims to be a message from the CSIS claiming that the infected computer system was associated with websites containing illegal pornographic content, such as child pornography or bestiality. It threatens to initiate legal action against the computer user unless the victim pays a one hundred Canadian dollar fine, through the money transfer service Ukash.

The Canadian Security Intelligence Service (CSIS) pop-up alert infection blocks all access to the Task Manager and to the infected computer's desktop, essentially taking the infected computer system hostage until the victim pays the fine. However, this infection is not particularly sophisticated. ESG malware analysts recommend starting up in Safe Mode or from an alternative boot method in order to bypass the Canadian Security Intelligence Service (CSIS) pop-up alert. Once this is done, the victim can remove the Canadian Security Intelligence Service (CSIS) pop-up alert with a reliable anti-virus program. Computer users with the knowledge necessary to manipulate the Windows Registry can also manually edit the registry in order to prevent the Canadian Security Intelligence Service (CSIS) pop-up alert from launching automatically. Then, it is a simple matter of locating and removing all files associated with this threat.