‘NSA Internet Surveillance Program’ Ransomware

Posted: August 14, 2013

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Ranking:	11,578
Threat Level:	2/10
Infected PCs:	1,761

First Seen:	August 12, 2013
Last Seen:	September 30, 2023
OS(es) Affected:	Windows

The 'NSA Internet Surveillance Program' Ransomware is a variant of the 'Your Computer is Locked' Ransomware that, like its recent ancestor, displays fraudulent legal warnings to encourage its victims to pay illegal ransom fees. The 'NSA Internet Surveillance Program' Ransomware's pop-up alerts will record your webcam input, reference legitimate US government institutions like PRISM and cite various laws that your computer supposedly has been used to break, but the 'NSA Internet Surveillance Program' Ransomware is not legitimate government software and always displays its alerts regardless of your true Internet history. Since the 'NSA Internet Surveillance Program' Ransomware is a danger to your PC as a result of its attempt to lock Windows, SpywareRemove.com malware researchers encourage you to keep a tight grip on your money and remove the 'NSA Internet Surveillance Program' Ransomware without paying its ransom – preferably through using anti-malware tools that can ensure that the 'NSA Internet Surveillance Program' Ransomware is removed in its entirety.

When Government Surveillance Finds Crimes that Aren't There

The 'NSA Internet Surveillance Program' Ransomware is one of the newer fake Police Trojans to grab onto the recent news of PRISM as a new plausible excuse for its ransomware attacks, along with similar PC threats like the 'Computer Crime Prosecution Section' Ransomware and PRISM 'Your Computer has been locked!' Ransomware. Despite its display of a pop-up alert that supposedly is legitimized by various branches of US law enforcement, the 'NSA Internet Surveillance Program' Ransomware is not a legal program and doesn't have a right to lock your computer (as the 'NSA Internet Surveillance Program' Ransomware generally will do while displaying its fake pop-up warning).

SpywareRemove.com malware experts note that the 'NSA Internet Surveillance Program' Ransomware uses a basic template for its legal threats that are common to past fake Police Trojans and recommend ignoring the legal accusations included therein. Although the 'NSA Internet Surveillance Program' Ransomware claims to attack and lock PCs related to crimes like viewing child pornography, the 'NSA Internet Surveillance Program' Ransomware cannot detect these activities and will display its alert on any PC that the 'NSA Internet Surveillance Program' Ransomware can infect.

As was the case with other Police Ransomware Trojans of its family, the point of the 'NSA Internet Surveillance Program' Ransomware's pop-up and system lockdown is to encourage its victims to pay a fake legal fine that supposedly will unlock their computers. Since SpywareRemove.com malware experts don't consider paying the 'NSA Internet Surveillance Program' Ransomware necessary for unlocking an infected PC, you should ignore this ransom demand, which has no affiliation with the National Security Agency, PRISM or any other government institutions. It also is worth mentioning that government reconnaissance program of PRISM requires a US warrant for the relevant authorities to act on the information it gathers – a small fact that makes it easy to notice the fraudulent nature of the 'NSA Internet Surveillance Program' Ransomware's ransom scam.

Lastly, the 'NSA Internet Surveillance Program' Ransomware does include a webcam-monitoring function that displays in its warning message. SpywareRemove.com malware experts have not yet confirmed whether any information monitored in the webcam actually is transferred to a remote server, but victims of the 'NSA Internet Surveillance Program' Ransomware attacks should be aware of the potential for their personal webcam data being compromised.

Ending the Surveillance Program that Surveys Too Much

While the 'NSA Internet Surveillance Program' Ransomware is active and displaying its pop-up alert, the 'NSA Internet Surveillance Program' Ransomware will block you from using other applications that are central to your PC's safety. However, rather than paying the 'NSA Internet Surveillance Program' Ransomware's ransom, SpywareRemove.com malware experts have found that applying traditional anti-malware solutions will allow you to remove the 'NSA Internet Surveillance Program' Ransomware for free. Booting your PC through a removable device and running anti-malware scans from within Safe Mode are recommended for deleting the 'NSA Internet Surveillance Program' Ransomware safely.

The 'NSA Internet Surveillance Program' Ransomware does not distribute itself. Previous ransomware campaigns related to the 'NSA Internet Surveillance Program' Ransomware often have used website-based drive-by-download attacks and/or spam e-mail-based Trojans to attack new computers.

Technical Details

Additional Information

The following URL's were detected:

mybestdc.com