CashU 'Computer Blocked' Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 50 % (Medium) |
Infected Computers: | 1,364 |
First Seen: | April 8, 2013 |
Last Seen: | November 1, 2024 |
OS(es) Affected: | Windows |

CashU 'Computer Blocked' Ransomware Image
The CashU 'Computer Blocked' Ransomware are a variety of Police Ransomware attacks that target computer users in the Middle East. Attacking countries like the Saudi Arabia, the United Arab Emirates and Lebanon, these Police Ransomware infections display messages that demand payment through CashU, a money transfer service often used to make online payments in this part of the world. This is a similar tactic to what ESG security researchers have observed in previous attacks, which also rely on similar online payment services in order to carry out their attacks. It is important to note that CashU is a legitimate money transfer facility that is not directly related to the CashU 'Computer Blocked' Ransomware Trojan or with any of its variants. In fact, reporting the scam in time can qualify computer users for a refund.
The CashU 'Computer Blocked' Ransomware Represents a New Step in Ransomware Development
As the Police Ransomware becomes more sophisticated, payment methods have also evolved. ESG security researchers have observed how new variants of these attacks also look for new ways to monetize the ransomware infection. The first variants of these scams, detected in the Russian Federation as early as 2006 demanded payment of a ransom through SMS. As these attacks spread through Western Europe, they started demanding payment through Ukash and PaySafeCard. In 2012, variants of these scams started to appear in North America. The preferred method of payment for North American variants of the CashU 'Computer Blocked' Ransomware scam is the GreenDot MoneyPak. The CashU 'Computer Blocked' Ransomware represents the next step in these infections' evolution. As criminals start targeting computer systems with IP addresses located in the Middle East, they have started to integrate CashU, a money payment service that offers its services in that region of the world.
The CashU 'Computer Blocked' Ransomware scam is similar to the many other Police Ransomware Trojans that exist today. These kinds of attacks typically follow the same steps in order to steal money from their victims. A CashU 'Computer Blocked' Ransomware infection typically has the following steps:
- The CashU 'Computer Blocked' Ransomware blocks access to the infected computer, impeding the victim from conecting the infected computer's desktop.
- The CashU 'Computer Blocked' Ransomware displays a message claiming that the infected computer was blocked by a law enforcement.
- The CashU 'Computer Blocked' Ransomware demands payment of a police 'fine' through CashU.
URLs
CashU 'Computer Blocked' Ransomware may call the following URLs:
customsearch.info |