Browser locking scam?

I was just browsing the internet with Chrome browser when all the sudden this page popped up. I was unable to close the page or do anything in the browser unless I force quit from the task manager. I did however open a new window after closing Chrome, which seems to be working.
I assume this is one of those scams where a page pops up trying to scare people into sending money to have their browser "unlocked"... Can anyone confirm?

Edit:
After some quick research, this is apparently a "ransomware" scam where you will be prompted to send money to someone in return for having your computer or web browser unlocked.

reply to post by trollz

Reports about these are becoming more common.
Sometimes they take over the machine, so that you can only escape by powering off.
The worst ones resume control when you boot up the machine again, so the best hope for escape is starting in "safe" mode, if the machine has that option, and re-setting the system to an earlier state.
We need to be very wary.

reply to post by trollz


We had something like this in the UK.

A Police page would pop saying you have been seen on some... illegal websites, of which I wont go into... It then explained a new way to pay fines without due course, then asked for X amount of cash to get your browser back.

Report to a cyber crime team (if one exists!)

reply to post by DISRAELI


I did a scan of my pc with Malwarebytes, which showed nothing. I assume my computer is fine then, and that this was only confined to that specific web page?

reply to post by trollz

I don't have enough knowledge to say more than "let's hope so".
Just tread very warily and back up your data, just in case it happens again.

reply to post by trollz


The FBI was investigating the scam where your computer was locked until you sent money. Might be related.

Citadel Malware Continues to Deliver Reveton Ransomware in Attempts to Extort Money 07/27/13—The FBI’s Internet Crime Complaint Center (IC3) and the Department of Homeland Security (DHS) have recently received complaints regarding a ransomware campaign using the name of DHS to extort money from unsuspecting victims. In May 2012, the IC3 posted an alert about the Citadel malware platform used to deliver ransomware known as Reveton. The ransomware directs victims to a download website, at which time it is installed on their computers. Ransomware is used to intimidate victims into paying a fine to “unlock” their computers. The ransomware has been called “FBI Ransomware” because it frequently uses the FBI’s name, but similar ransomware campaigns have used the names of other law enforcement agencies such as DHS and IC3. As in other variations, the ransomware using the name of DHS produces a warning that accuses victims of violating various U.S. laws and locks their computers. To unlock their computers and avoid legal issues, victims are told they must pay a $300 fine via a prepaid money card. This is not a legitimate communication from law enforcement, but rather is an attempt to extort money from the victim. If you have received this or something similar, do not follow the instructions in the warning, and do not attempt to pay the fine. It is suggested that you: Contact a reputable computer expert to assist with removing the malware. File a complaint at www.IC3.gov. Keep operating systems and legitimate antivirus and antispyware software updated.

remove Moneypak

Remove FBI Green Dot Moneypak Virus

reply to post by trollz


Download a good anti malware, I recommend malware bytes' www.malwarebytes.org... run as admin and let is clean your system as this happens when you inadvertantly click something, stick to incognito browsing as well and keep your virus checker up to date, I would recomment bulldog anti virus www.bullguard.com... but there are cheaper and even free alternative's.
It really is good but so are the alternative's.
Best of luck.


Sorry I just read your later post, so you already scanned it, then it was an url redirect and it is good you never tried to click and fight the mouse as it sometimes uses that to trick you into allowing it to activate a corrupt routine and install malware that way.
Apparently this was getting more popular but the software they use originated in eastern europe and was made by eastern european mafia, the european version uses a europol identity, look's like your virus checker blocked it as well.

After starting up in safe mode and using the msconfig command to go back to a system restore point before the infection occurred, you must then scan with Malwarebytes to physically remove the virus.

The important thing is not to panic!

trollz
reply to post by DISRAELI

 

I did a scan of my pc with Malwarebytes, which showed nothing. I assume my computer is fine then, and that this was only confined to that specific web page?

Malwarebytes, while great, doesn't catch everything.

Your browser works now? Good news but doesn't mean something didn't make it's way in because of the infected page. Better safe than sorry- one reason why-BTC miners turning computers into slave drives to just in general annoying ad pop-ups.

Try others such as,
Spybot Search & Destroy, SuperAntiSpyware, Kaspersky Anti-Virus...etc.

CCleaner to clean out your registry then restart your computer.

reply to post by trollz

There are already more than a few threads about this one here on ATS. You should reply and review them there.