The FBI is warning consumers about a new scam that uses a piece of malware called Citadel to redirect users to a fraudulent site that installs scareware on their machines and demands a $100 payment to unlock them. The twist in this scam is that it uses the threat of prosecution by the Department of Justice to pressure victims into paying.
The malware is part of a drive-by download attack that's used to install the scareware on users' machines. The attack is not much different from many others that have been in use for the last few years: in the first stage of the infection routine, users are sent to a malicious site. Typically, the site then exploits a vulnerability in the user's browser to install the scareware program.