contadores de paginas web Saltar al contenido

Windows blocked with a false message from the Spanish police (ransomware)

virus de la policía españa

Ransomware is a type of malware that blocks folders, files and even access to the system to request in return some kind of reward that allows attackers to earn money.

In the following 1-minute video you can see how many of these attacks operate, when a Trojan is run the computer restarts and is blocked showing a window that requests to send text messages to obtain a password (SMS ransomware):

Generally, when the computer freezes, there are ways to recover it without paying (reverse engineering, antivirus, etc.), but in more extreme cases this is not possible. There are variants that encrypt folders, files, and even entire drives such that the only option for recovery is to pay to get the encryption key, but luckily these variants are not often seen.

The following is an example similar to the video that blocks access to Windows showing a false warning, the peculiarity of this case is that the message He pretends to be from the Spanish police:

As you can see, the message requests the payment of a fine of 100 euros and refers to an alleged illegal activity. To make the situation more credible, data from the infected computer such as the IP, the browser, the operating system, the country and the Internet provider are displayed.

This variant has been circulating for a long time and can also be found in different languages, this screenshot I have taken from XyliBox where they have been published more details and steps to unlock the computer, it is necessary to access the Windows registry and edit a line.

If you got infected with this virus and you have problems to eliminate it, do not hesitate to leave a comment to help you.