New Version of “Your Windows is Banned” Malware Demands $50 in Bitcoin

There are many different types of malware in circulation, but some of these creations truly stand out. One of the more intriguing ones explains to people that their version of Microsoft Windows “has been banned.” Supposedly, the ban is due to users having violated the Microsoft terms of use. This scam is designed to infect computers with malware called “Rogue.Tech-Support.” A new version of this malware showed up earlier this week.

Windows Has Been Banned Malware

This particular type of malware goes all the way back to late 2016. At that time, security researchers came across a new type of malware which informed users that their Windows installation had been banned. Anyone with a decent brain will realize this is nothing but a scam rather than an actual threat. Victims who see this message should also realize that their computer has been infected with malware, which is a threat.

The dubious message shows up on the lock screen as soon as the user boots his or her computer, along with a mention of how they must call a Microsoft tech support phone number located in the US. Calling this phone number will not help anyone since this attack has nothing to do with Microsoft itself, but is merely the result of one’s computer having been infected by malware.

Interestingly, it is possible to call the phone number displayed on the screen, even though no one will receive any support from it whatsoever. Instead, they will be put in touch with a call agent who attempts to sell unnecessary support services. Callers are also informed that their Windows license has expired and that they need to pay US$99.99 for a new one. This is utterly bogus, of course, but novice computer users may be tricked into believing the story.

Every user who receives this screenlocker will see their computer allegedly locked due to a violation of Microsoft’s terms and services. There has supposedly been some “unusual activity” which caused Microsoft to disable the user’s key. If that were the case, paying US$99.99 for a new key still would not make any sense. Users can often dispute an invalid key without making any payment whatsoever. Sending this money to a “trusted Microsoft technician” to receive an unlock code will only result in the loss of funds.

Earlier this week, security researchers came across a new version of this old malware which boasts a similar message. Interestingly enough, the price for a new key is now just US$50 and must be paid in Bitcoin. That should be a clear giveaway that this is an attempt to scam people for US$50 through Bitcoin, although it is to be expected quite a few people will fall for it regardless.

In the new version, victims can no longer call a phone number, which is somewhat surprising. Then again, perhaps the developers realized that would have signaled yet another tech support scam to the majority of people. Such scam attempts have become rather prevalent over the years, and most people know they are designed to steal people’s money. Anyone posing as a representative from a legitimate company and demanding a Bitcoin payment should not be trusted whatsoever.