Trojan.Ransom.PARPE

Trojan.Ransom.PARPE is an integral part of a multi-pronged malware attack that combines numerous harmful components into a single coordinated malware campaign. Trojan.Ransom.PARPE is the final portion of an attack that begins with a fake YouTube Web page. This bogus YouTube Web page may be used to distribute a fake Flash Player that installs a backdoor on the victim's computer and a ransomware component. This ransomware threat, detected as Trojan.Ransom.PARPE, is designed to steal money from a computer user by using threats and social engineering. To prevent Trojan.Ransom.PARPE attacks, it is important to avoid unsafe websites containing pornographic material. ESG malware researchers strongly advise computer users to avoid downloading updates for Flash Player from any location other than Adobe System's official Flash Player website.

Instead of an Adult Video PC Users Get Trojan.Ransom.PARPE

Essentially, the Trojan.Ransom.PARPE attack begins when a computer user visits a bogus YouTube website. This fake YouTube Web page claims to offer adult videos, a service that is not actually offered by YouTube. However, when the computer user attempts to view videos on this fake YouTube Web page, an error message is displayed claiming that it is necessary to download a Flash Player update. This supposed update is actually a Trojan known as Trojan.FakeFlash, which installs a back door on the victim's computer. The compromised message also gives the computer user the fake option of downloading all of the adult video content on this fake YouTube Web page. However, what this option actually does is download a series of screen saver files that are actually a part of a ransomware scam. These malicious files are detected as Trojan.Ransom.PARPE and are used to extort the victim.

How Trojan.Ransom.PARPE Extorts Money from Computer Users

The files containing Trojan.Ransom.PARPE are fake screen saver files that take advantage of changes made to the infected computer settings that prevent the computer user from disabling the screen saver on the infected computer. These 'screen savers' display a message that accuses the computer user of engaging in illegal activities, especially downloading illegal pornographic material. The messages claim to be associated with the law enforcement and threaten the computer user with enormous fines and jail time unless a fake police fine is paid through an electronic payment service. These types of threats are known as 'ransomware' because they take a computer hostage and then demand the payment of a ransom.