Revoyem

By CagedTech in Ransomware

Revoyem, which also goes by the name 'DirtyDecrypt', is a large malware family whose attacks target specific geographical locations. Like other ransomware, Revoyem blocks access to the victim's computer and then demands payment of a large ransom to restore access. Revoyem is quite aggressive because its ransomware component is often coupled with a redirect component that forces computer users to visit an unreliable website containing child pornography. In most places, viewing child pornography is a serious crime that carries enormous penalties. This makes Revoyem's accusations quite serious and quite scary for the victims. Many ransomware infections accuse victims of this crime to demand payment of enormous ransoms from frightened computer users. In this case, the accusation is accompanied by a redirect that makes the accusation technically true and much scarier for inexperienced computer users.

Revoyem Forces the PC User to Visit Highly Compromised Websites

Malware analysts have observed Revoyem infections in Europe, the United States and Canada, with the possibility of Revoyem spreading to the rest of the world in the same way as other threat families have done in recent years. Revoyem is linked to a JavaScript browser hijacker that is used to redirect PC users to compromised pornographic websites or advertisements with adult content. These types of redirects are designed to force the computer user to visit a website containing child pornography and sexual content. This website also contains the Styx Exploit Kit, which installs the Revoyem ransomware Trojan on visitors' computers. This Trojan then accuses the victim of viewing illegal pornography and demands payment of a ransom using Ukash, PaySafeCard or other electronic payment methods. In this case, the accusations are true: the victim's computer did visit a website with illegal pornographic content. However, components associated with Revoyem itself are the ones responsible for forcing computer users to view this content.

A Different Name for a Well-Known Kind of Ploy

The Revoyem scam is not very different from most other Police Ransomware families. However, the fact that Revoyem redirects computer users to websites containing illegal pornographic content makes Revoyem considerably more dangerous than its predecessors.

  1. Revoyem prevents all access to the victim's computer.
  2. Revoyem uses a threatening message to scare the victim into believing that the infected computer was blocked by the police.
  3. Revoyem claims that it is necessary to pay a fake police fine in order to restore access to the infected computer and avoid jail time and other severe penalties.
