I was recently reading a news article on a reputable website when I spotted an ad offering something. I clicked on it and in an instant my potential nightmare began. On the screen was an official-looking message with a Microsoft logo. The message insinuated that Microsoft had detected spyware and malware and that financial and personal data was being stolen by bad hackers. The notice indicated that in order to fix this situation I should call 1-888-265-5330. My first response was to question if this was for real, as I have a very sophisticated program to prevent this. I was suspicious, so I simply turned off my computer.
When I turned it back on, the message was still there and I had no control or functionality of the computer. Now, I was concerned. So, I called and a man with an Indian-sounding voice answered. I told him what happened and he indicated that he could help. I asked him how much it would cost and his response was that it might be free if nothing was found. He would not tell me how much if something was found. I asked him if he was in India; he said no, the business was in L.A., and gave an address. I didn't believe him.
I told him angrily that this is bullshit, it is ransomware. He declared it was not. I told him that you want me to pay you to fix my computer. That is ransom. He was holding my computer hostage until I paid him. He tried to scare me about what may happen should I try to remove it. In the end, I hung up.
What To Do
After the call, I turned off my computer by holding down the start button for several seconds. It seemed to have turned off. However, I noticed that my Start button was glowing off and on. At first, I was stumped until I remembered that this means the computer is in hibernation mode. When I tapped the button again, the same ransomware screen displayed. I really had not turned off my computer fully. This time, I held the button down until the computer actually turned off and the button no longer glowed.
On restart, the computer worked totally fine and normal. I used my detection software and ran a full scan for malware, spyware, and ransomware. Nothing was found because the ransomware notice was only in my computer's memory, not the hard drive. It was persistent and used hibernation to fool me at first.
If you have run into ransomware, do not panic. Simply turn your computer off and make sure it does not go into hibernation mode. Leave the computer off for 10 seconds and then restart.