Your Windows Has Been Banned malware makes a comeback

The “Your Windows Has Been Banned” malware has made a comeback, albeit, this time asking victims to pay US$50 in Bitcoin in order to unlock their Windows operating systems. This is the 2nd coming of this malware after it was first detected in the year 2016, throwing up messages to the victims that their Windows OS installation had been frozen due to the violation of the Microsoft and Windows terms. At that time, the ransom message instructed victims to call a Microsoft technical support phone number. However, the number served no help to the users and instead it routed them to an agent selling unnecessary services.

The users were also told that they need to pay $99.99 for a new Windows license.

Your Windows Has Been Banned malware

Your Windows Has Been Banned

The 2nd version of the Your Windows Has Been Banned malware, tries to trick victims with a different approach. A message displaying – Your Windows Has Been Banned pops up on the lock screen as the user boots the PC. It then throws up 2 options to choose from,

  1. Buy a new Windows key for $50
  2. Delete all the data and effectively make your PC unusable for any future use

It also mentions that user needs to pay $50 worth of Bitcoin and visit a particular URL.

Malware is aimed at novice PC users

Looking at how the malware approaches the user, it can be concluded that only novice users would fall into their trap. The immature treatment of the malware author can be seen from 2nd warning statement where it is talking about deleting the data and making the PC unusable for future use. It’s hard to believe that a reputed company like Microsoft would ever demand payment in Bitcoin and talk about deleting the data and making the PC unusable.

It is fact that for the last 2 years, such internet scams have evolved with more users being scared and tricked to pay before they could understand the real beneficiary. Users, encountering the error message on their lock screen, must note, that that the malware is already installed on their system.

In such a scenario they should perform a malware check immediately and scan the PC for viruses and malware. In case you are still having the doubts, it is a good idea to get in touch with the customer care department of the organization whose name was hoaxed to send these scam messages.

How to avoid getting infected

You should always avoid clicking on suspicious links in emails and visiting unknown entities on the internet. Keeping your PC up to date and using updated antivirus tools is necessary to keep such dangers away.

Credit: Image source.

Posted by with Tags

Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.