
‘Guardia Civil’ Ransomware

Posted: October 22, 2013

Threat Metric

Threat Level: 2/10
Infected PCs: 30
First Seen: October 22, 2013
OS(es) Affected: Windows

The Guardia Civil Ransomware is a fake Police Trojan that invokes the authority of the Spanish Civil Guard to justify locking your computer as punishment for your supposed interactions with illegal media (such as child pornography). Like similar kinds of fake Police Trojans, the Guardia Civil Ransomware delivers a screen-wide pop-up alert designed for a specific nation – in this case, Spain – and keeps you from accessing your desktop, but all of these attacks are fraudulent, and the Guardia Civil Ransomware doesn't attempt to detect any real computer-based crimes. Paying the ransom the Guardia Civil Ransomware demands isn't necessary, and SpywareRemove.com malware experts suggest that you use basic security techniques to disable the Guardia Civil Ransomware and then remove it with any available anti-malware solution.

The Ransomware Rain in Spain

The Guardia Civil Ransomware is a standard Police Ransomware Trojan that uses desktop-blocking browser pop-ups to deliver fraudulent legal alerts about its victims' online behavior. Like many other types of fake Police Trojans, the Guardia Civil Ransomware claims that your PC history shows involvement with underage pornography; however, the Guardia Civil Ransomware goes a step further than most such Trojans by also redirecting you to illegal pornographic sites prior to displaying this pop-up warning. This may lead victims into believing that the Guardia Civil Ransomware actually caught them red-handed in an illegal act – when, in reality, the Guardia Civil Ransomware is the instigator of the illegal action.

The language of the Guardia Civil Ransomware's current pop-up attack is specialized for Spanish victims, as are its legal references to the Guardia Civil and other institutions of the Spanish government. Malware researchers estimate that the Guardia Civil Ransomware is detecting appropriate victims through their IP addresses, although the Guardia Civil Ransomware may also be delivered by download attacks that target Spain specifically (such as some types of e-mail spam).

Although the Guardia Civil Ransomware's pop-up alert includes a ransom request that the Guardia Civil Ransomware claims should be paid to avert any other legal penalties, malware researchers find no advantages to paying this fake ransom – not even getting your computer back to normal. Ultimately, the Guardia Civil Ransomware's pop-ups always should be considered misleading messages to be ignored before taking appropriate steps towards disabling and deleting the Guardia Civil Ransomware free of charge.

Doing Your Civil Duty in Reducing the Threat of Police Trojans on the Web

The Guardia Civil Ransomware's distribution methods haven't been confirmed, although malware analysts have noted that such PC threats are often distributed through drive-by-downloads from fraudulent pornography sites, as well as through typical spam e-mail attachments. Regardless of how the Guardia Civil Ransomware manages to get installed on your PC, the steps to uninstalling the Guardia Civil Ransomware are always the same: using secure startup methods (Safe Mode or a backup OS on a peripheral device) to bypass the Guardia Civil Ransomware's desktop blockade, and then using anti-malware applications to remove the disabled Guardia Civil Ransomware. Until then, your access to other applications and basic security functions will be highly restricted by the Guardia Civil Ransomware's attacks.

The Guardia Civil Ransomware is only one of many types of Police Ransomware Trojans that have been seen throughout the world, but especially in first-world nations such as the US and most of Europe. Similar kinds of Police Ransomware Trojans to the Guardia Civil Ransomware that the Spanish should be especially watchful for include the 'Gobierno de España' Ransomware, the 'Se bloquea el proveedor de servicios de Internet' Ransomware, the 'Grupo de Delitos Telematicos' Ransomware, the 'El Ordenador Se Ha Bloqueado Y Todos Sus Datos Se Cifran' Virus, the 'Ministerio del Interior de Uruguay' Ransomware and the Oficina Virtual de Denuncias Virus.

Technical Details

Additional Information

The following message was detected:

Message 1:
Guardia Civil
Su ordenador ha sido bloqueada debido a la sospecha de descarga y distribución de contenido ilegal.
El contenido ilegal mencionado (610 Mb de archivos de vídeo) ha sido clasificado automáticamente como pornografía infantil.
Dichas acciones violan total o parcialmente las siguiente leyes españolas: Libro II; Título VIII; Capítulo VII La pornografía infantil se regula en el artículo 189 del Código Penal Español: 1. Será castigado con la pena de prisión de uno a tres afros) a) El que utilizare a menores de edad o a incapaces con fines o en espectáculos exhibicionistas o pornográficos, tanto públicos como privados, o para elaborar cualquier clase de material pornográfico, o financiare cualquiera de estas actividades. El que produjere, vendiere, distribuyere, exhibiere o facilitare la producción, venta, difusión o exhibición por cualquier medio de material pornográficos en cuya elaboración hayan sido utilizados menores de edad o incapaces, aunque el material tuviere su origen en el extranjero o fuere desconocido. El que haga participar a un menor o incapaz en un comportamiento de naturaleza sexual que perjudique la evolución o desarrollo de la personalidad de éste, será castigado con la pena de misión de seis meses a un año o multa de seis a doce meses.
