DirtyDecrypt

By CagedTech in Ransomware

DirtyDecrypt, also known by the alias 'Revoyem', is a large family of Police Ransomware Trojans designed to infect computers in a specific geographical location, block access to the victim's computer and demand payment of a large ransom to unblock it. DirtyDecrypt infections are particularly aggressive and may even redirect computer users to a malicious website containing underage pornography. In most countries, viewing underage pornographic content is a severe crime with huge penalties, which makes an accusation of viewing this kind of content quite serious and extremely frightening for the victim. Ransomware infections often use this kind of accusation to extract ransoms from frightened computer users. In the case of DirtyDecrypt, the accusation is accompanied by a redirect to a website containing this kind of content, making the accusation seem much more authentic and scary to inexperienced computer users.

The Unsafe Associations of DirtyDecrypt

DirtyDecrypt infections target computer users in Europe, the United States and Canada, and these infections may spread to other countries around the world, much like other prominent Police Ransomware families such as the Reveton family of malware. DirtyDecrypt may be associated with a JavaScript redirect Trojan that is placed in compromised pornographic websites or advertisements containing adult content. These types of infections are designed to redirect the computer user to a website containing what appears to be child pornography or underage sexual content. In the background, the Styx Exploit Kit installs the DirtyDecrypt ransomware Trojan on the victim's computer. This Trojan then accuses the victim of viewing illegal content and demands payment of an enormous ransom. In this case, the accusations are technically true: the infected computer was used to view underage pornography. However, it is the ransomware infection itself that directed your computer to view this type of content in the first place.

How DirtyDecrypt Scams Computer Users

The DirtyDecrypt scam itself is typical of most Police Ransomware infections, but with the added redirect component that takes your Web browser to a website that appears to contain underage pornography:

  1. DirtyDecrypt blocks access to your computer.
  2. DirtyDecrypt displays a message that claims that access was blocked because your computer was used to view underage pornography.
  3. DirtyDecrypt demands payment of a fine using PaySafeCard, Ukash or other money transfer services to unlock the infected computer.
