Ransom.ZAAC Description

Ransom.ZAAC belongs to a kind of malware infection commonly referred to as 'ransomware.' Ransomware is malware that enters a computer system and basically attempts to blackmail the computer user or harass the computer user in order to force the computer user to pay a certain amount of money in order to stop the attack. The most common kind of ransomware is the Winlocker, which is basically a simple malware infection that locks Windows, blocking access to the desktop, Task Manager and other Windows components commonly used to remove or recover from malware. However, simply blocking the victim's computer is not enough. These ransomware attacks tend to be accompanied with messages and scams of varying complexity that may claim that the victim's computer has been blocked for a variety of reasons and indicating how the victim should pay the ransom. Ransom.ZAAC disguises itself as a message from Italian law enforcement, claiming that the victim's computer was connected to child pornography and that the entirety of the victim's data will be erased and legal action will be taken unless a ransom of one hundred Euros is paid. Obviously, a crime so serious as child pornography would merit a punishment and action much more severe than a mere one hundred Euro fine. Even so, ESG security analysts report that this scam has managed to allow criminals to steal the money of a very large number of inexperienced computer users.

The Ransom.ZAAC Fake Message from the Italian Police Force

There are many versions of the Ransom.ZAAC scam, each corresponding to different countries in the European Union. Each version of Ransom.ZAAC uses the language and police force logos of the country Ransom.ZAAC is targeting. Ransom.ZAAC in particular has been distributed through malicious JavaScript exploits contained in hijacked websites. The fake Italian police force message from Ransom.ZAAC is written in Italian with the Italian police logos and flag as well as basic data that can easily be obtained about the victim's computer, such as Operating System version, web browser and IP address. If you have experience managing the Windows Registry, you can disable the Ransom.ZAAC message by simply entering the Windows Registry editor and disabling the registry key that allows Ransom.ZAAC to start up automatically when Windows starts up. To gain access to your anti-malware software, it is usually helpful to start up in Safe Mode or boot Windows from an external source. Whatever you do, do not pay Ransom.ZAAC's ridiculous fine!