Is your computer locked with MoneyPak virus, Ukash virus or Paysafecard virus, which are blocking your computer and asking for $100 or other amount to unlock your computer? These viruses are made maliciously to scam computer victims for profits, though some of the ransom botnet networks have been taken down by officials of local law enforcement department like FBI and Australian Federal Police,  and international police organization like Interpol and Europol.

We reported the Reveton Ransomware variants extensively last year, and with the year of 2013, the lock-screen ransomware is becoming more prevalent and more difficult to remove them completely even remotely by YooSecurity professionals, as some of the ransomware is using certain encryption algorithm to lock the files of the victims. If your PC is locked by certain MoneyPak, Ukash or Paysafecard virus, like FBI MoneyPak virus, Online Agent virus, Decrypt Protect virus and the latest International Cyber Security Protection Alliance virus, don’t ever attempt to pay the ransom as the virus could still remain in your computer and compromise your privacy without any consent. YooSecurity has updated all of the FBI virus scam variants on this post.

What is MoneyPak virus, Ukash virus or Paysafecard virus?

MoneyPak, Ukash and Paysafecard are various payment services that are used by malware authors to extort ransom from victim users. As there are more Reveton variants than we can possibly remember, the Internet has given them the names by the payment services. All of these MoneyPak, Ukash and Paysafecard viruses are also known as police ransomware that attempt to deceive the victims into paying the requested fine to unblock the computer access, by disabling the computer functions and displaying a warning message that the victims have visited illegal child porn abuse or file sharing websites and violated the specific laws where the victims are located. The followings are the roundup of Australian Federal Police International Cyber Security Protection Alliance (ICSPA) virus scam recently released to scam the victims worldwide.

Australian Federal Police International Cyber Security Protection Alliance (ICSPA) Ukash Virus Scam


FBI Cybercrime Division International Cyber Security Protection Alliance (ICSPA) MoneyPak Virus Scam


United Kingdom Police Central e-Crime Unit International Cyber Security Protection Alliance (ICSPA) Ukash Virus Scam


Royal Canadian Mounted Police International Cyber Security Protection Alliance (ICSPA) Ukash Virus Scam


Other European Cybercrime Centre Europol (EC3) Virus Scam























After the victims turn on their computer, one of the warning message above will be shown, based on the geolocation where they live. The warning message appeared to be from the local law enforcement agency (EC3 in Europe and ICSPA worldwide), and threatened further financial penalties as well as possible criminal charges if you don’t pay the fine immediately via MoneyPak, Ukash or Paysafecard. Some of the variants take your data hostage by encrypting it using supposedly unbreakable encryption algorithms and then demands immediate payment in exchange for the decryption key. When your computer is infected by the MoneyPak virus, Ukash virus or Paysafecard virus, the main screen of PC would show you fake notifications which alert you that you have violated the laws and related policy. The victim computer is immediately locked up and the warning message pops up, claiming to be coming from the police and accusing the user of violating copyright laws, sending SPAM email, and also distributing pornographic content. Most of the victims, of course, will be nervous to see such warning message and settle the requests mentioned in the alarming letter because they are deceived to believe there will be an authority to arrest them if they don’t pay and are punished by violating related right laws and copyright. It is very common to see that computer users would be fooled when receiving such message from the local authority of their country.

The MoneyPak virus, Ukash virus or Paysafecard virus will lock you out of your computer and applications, so whenever you’ll try to log on into your Windows operating system normally or via Safe Mode with Networking, it will forcibly pop up a lock screen asking you to pay anywhere from 100 to 200 Euro/$ in the form of a MoneyPak, Ukash or PaySafeCard code. Once the virus is installed, it disables most of the computer functions and changes the system settings. The creators of the MoneyPak virus, Ukash virus or Paysafecard virus only accept those forms of payment because there is no way for the user to attempt to get their money back when they realize that they have been scammed. The fake notification from the virus will display PC users IP address and location for socially deceiving purposes (for example, the FBI virus). It would show you and list what kind of the terms or acts you have been violated. And it would scare you that you must pay the fine within 72 hours if you want to unblock your computer screen. This criminal case would be rescinded after your payment otherwise, you will face more further troubles.  You should realize that the  virus is not real, as no legitimate law enforcement agency is ever going to lock your computer or demand that a payment is sent through the computer via MoneyPak, Ukash or Paysafecard. If you did violate the related laws, you would receive a call or letter from the police station but no warning message with requirement for a fine on your computer. Most of the PC users get this infection after they download some files or surf porn sites online. That is why we always suggest that do not download files on untrusted website, open attachment from suspicious email or surf so-called free porn websites.  With all being said, if you have do idea about how to remove the MoneyPak virus, Ukash virus or Paysafecard virus by yourself, you can always contact YooSecurity experts for more immediate professional malware support.

Published by Tony Shepherd & last updated on May 18, 2013 6:53 am

Leave a Reply