Windows Malware – Fake Bluescreen Blackmails Users

For Windows users, the bluescreen has always been an unwelcome companion. With a new piece of malware called “Troubleshooter”, however, the blue crash message takes on particularly perfidious traits: the malicious software locks the victim's screen with a fake blue screen and releases it only when the user purchases alleged security software for $25.

Blackmail on blue screen, payment by PayPal

The online magazine Heise, citing a blog post by Malwarebytes, reports that the malware disguises itself as an installer for supposedly cracked software that is not named specifically. After installation, it downloads additional files for displaying various blue screens and alerts. In addition, it takes a screenshot of the active window and sends it to a fixed IP address.

The malware blocks a number of Windows hotkeys and prevents the user from lifting the screen lock. It then displays the aforementioned blue screen and opens a warning that the user cannot close because of these blocks.

The alert then lists various system issues and asks the user to pay $25 for the alleged security software “Windows Defender Essentials”, amazingly via PayPal. When the victim pays, the malware directs them to a website whose address it checks for, and then quits.

Workaround to unlock

However, according to Malwarebytes, the lock imposed on your computer by the fake blue screen can be lifted quite easily: pressing “Ctrl + O” in the warning window opens another window in which you can enter the URL that the malware calls up for activation.

If you open the address with the text string “thankuhitechnovation” in this way, the malware assumes that a payment has been made and exits automatically. A detailed description of this workaround and details about how to remove the malware can be found on the Malwarebytes blog.

