'CIA Special Agent 767' Screen Locker

By GoldSparrow in Ransomware

The 'CIA Special Agent 767' screen message isn’t related in any way to the legitimate Central Intelligence Agency of the United States of America. The 'CIA Special Agent 767' message includes a fake badge for an agent with the code name 767 and claims that the user's files are encrypted 'using an extremely secure and unbreakable algorithm.' In reality, the notification is shown by the 'CIA Special Agent 767' Screen Locker Trojan that may have been installed on your PC via a macro-enabled file, riskware or a fake update to plug-ins like Adobe Flash and Java. The 'CIA Special Agent 767' Screen Locker Trojan does what its name suggests—it displays a lock screen and prevents the user from accessing the desktop and the file manager.

The 'CIA Special Agent 767' Screenlock cannot be Removed with a Simple Alt+F4 Keyboard Command

Researchers reveal that the 'CIA Special Agent 767' Screen Locker Trojan disables keyboard shortcuts, as well as built-in tools on the OS, such as cmd.exe, taskmgr.exe and regedit.exe. Thus, users have a hard time removing the 'CIA Special Agent 767' lock screen. The Trojan at hand is designed to simulate a situation similar to the aftereffects caused by the GoldenEye Ransomware. The 'CIA Special Agent 767' Screen Locker does not encrypt files, yet. The 'CIA Special Agent 767' Trojan is programmed to create a ruse and make users think that data on the device was encrypted. Thus, most users may be willing to seek help from 'Agent 767' and pay 100 USD via Bitcoin. The message displayed by the 'CIA Special Agent 767' Screen Locker reads:

'CIA Special Agent 767
IMPORTANT! PLEASE READ!
Unfortunately the files on this computer (documents, photos, videos) have been encrypter using an extremely secure and unbreakable algorithm. This means that the files are now useless unless they are decrypted using a key.
The good news is that your files are not lost forever! This tool is able to rescue the files on your computer for you!
BY PURCHASING A LICENSE FROM US, WE ARE ABLE TO RESCUE YOUR FILES 100% GUARANTEED FOR EVERY LOW EARLY BIRD PRICE OF ONLY $100 USD!* In 5 days however, the price of this service will increase to $250 USD, and after $500 USD. Payment is accepted in Bitcoin only. You can purchase Bitcoin very easily in your area by bank transfer, Western Union, or even cash.
If you already purchased the key put it here [text box]
Bitcoin Address: [34 random characters]'

The 'CIA Special Agent 767' Screen Locker is the New 'M4N1F3STO Virus' Lockscreen Trojan

Researchers that analyzed samples of the 'CIA Special Agent 767' Screen Locker reported that it is a new version of the 'M4N1F3STO Virus' Lockscreen Trojan. If you were compromised by the 'CIA Special Agent 767' Screen Locker, you could enter the code 'suckmydicknigga' in the text box placed at the bottom of the 'CIA Special Agent 767' lock screen. Hit enter, and you will be presented with the following message box:

'JUST DELETE IT
TO REMOVE TI
HAHA YOU HAVE BEEN
FOOLED'

The executable used to generate the 'CIA Special Agent 767' lock screen is likely to be hosted in the Temp directory on the system partition, where most threats are known to lurk. Researchers suspect that the 'CIA Special Agent 767' Screen Locker and its predecessor are the work of coders who lack skills and aim to make a quick buck from scaring PC users. Regardless of the agenda behind the 'CIA Special Agent 767' Screen Locker, users should be careful when installing updates from insecure locations and should avoid spam emails altogether. You may want to install a reliable anti-malware scanner that can find and eliminate the 'CIA Special Agent 767' Screen Locker Trojan without damaging your OS.

File System Details

'CIA Special Agent 767' Screen Locker may create the following file(s):
| # | File Name | MD5 | Detections |
|---|-----------|-----|------------|
| 1 | file.exe | 3c74f228af8d9bd3b329a59cfb45e112 | 0 |
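
A sweep of the Temp directory for the file listed above, as an added example that is not part of the original article: it matches the MD5 from the File System Details table and separately lists any other executables, since a rebuilt variant would carry a different hash. The function names and the use of the TEMP environment variable are assumptions of this example.

```python
import hashlib
import os
from pathlib import Path

# MD5 from this page's File System Details entry for file.exe.
PAGE_IOC_MD5 = {"3c74f228af8d9bd3b329a59cfb45e112"}


def md5_of(path, chunk_size=1 << 20):
    """Hash the file in chunks so large files are not loaded into memory."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def is_pe(path):
    """True if the file starts with the 'MZ' header of a Windows executable."""
    with open(path, "rb") as fh:
        return fh.read(2) == b"MZ"


def sweep_temp(temp_dir, ioc_md5=PAGE_IOC_MD5):
    """Return (ioc_hits, other_executables) as sorted lists of paths. A rebuilt
    variant has a new MD5, so non-matching executables are kept for manual review."""
    known = {h.lower() for h in ioc_md5}
    hits, others = [], []
    for root, _dirs, files in os.walk(temp_dir):
        for name in files:
            path = Path(root) / name
            try:
                if md5_of(path) in known:
                    hits.append(path)
                elif is_pe(path):
                    others.append(path)
            except OSError:
                continue  # locked or unreadable file: skip, keep sweeping
    return sorted(hits), sorted(others)


if __name__ == "__main__":
    # Assumption: TEMP points at the profile's Temp folder (or a mounted copy).
    found, review = sweep_temp(os.environ.get("TEMP", "/tmp"))
    for p in found:
        print("IOC MATCH:", p)
    for p in review:
        print("review:   ", p)
```

Because the lock screen blocks the desktop, run this against the affected profile's Temp folder from another account or with the disk mounted on a second machine.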
