Victims Demand Info About Online 'Extortion'


     DALLAS (CN) - Despite FBI warnings, 7-Eleven, CVS Caremark, Walgreen and Kroger sell MoneyPak cash cards that computer criminals use to extort money, victims claim in a request for pre-suit depositions.
     MoneyPak Crime Victims LLC filed a petition to take presuit depositions from 7-Eleven, CVS Caremark, Walgreen, Kroger and Green Dot Corp., in Dallas County Court.
     Scammers use a virus to infect and lock down computers, and then demand ransom to be paid through a MoneyPak card issued by Green Dot, according to the complaint.
     The petitioners say they seek "to investigate claims of 'MoneyPak - Ransomware' extortion" to use in "anticipated class action lawsuits seeking disgorgement of extorted money," according to the petition.
     The virus, known as Reveton ransomware, can infect a computer that visits an infected website, and immediately locks down the victim's computer.
     A bogus message from law enforcement is displayed, claiming the victim must pay a fine for a violation of law.
     "Internet criminals have extorted money by 'locking' (shutting down) computers until a MoneyPak cash card issued by Green Dot Corp. was purchased from 7-Eleven, CVS Pharmacy, Walgreens or Kroger at a cost of $4.95 and the sum of $300.00 was deposited in the MoneyPak cash card," the petition states.
     "Unlike reputable cash cards issued by MasterCard, Visa, PayPal, American Express and major banks, MoneyPak cash cards have been designed by Green Dot Corporation to allow extortionists to collect ransom payments without disclosing their identities at the risk of arrest."
     The victims say Green Dot and retailers have been warned repeatedly by the FBI that the cards are being used to collect ransom, and that Walmart, Target, K-Mart, Tom Thumb, Albertson's, Exxon and other "reputable retailers" have stopped selling them.
     "However, 7-Eleven, CVS Pharmacy, Walgreens and Kroger ignored the FBI warnings and continued to sell MoneyPak cash cards and collect ransom payments," the victims say.
     Helena, Mont. police Det. Bryan Fischer told KXLH-TV, "The way that it works is that they say that for you to be able to unlock your computer, you have to send a fine, basically, to an e-mail address that looks like it's an FBI e-mail address when in all actuality, it's fictitious."
     Donna Gregory, with the Internet Crime Complaint Center, told KXLH, "We are getting dozens of complaints every day."
     "Unlike other viruses ... Reveton freezes your computer and stops it in its tracks. And the average user will not be able to easily remove the malware," Gregory said.
     In April 2012, an early variation of the virus posed as European authorities, such as federal police in Spain, Russia and Poland, according to Internet security firm F-Secure.
     "To unlock their computer, the user is asked to purchase a Paysafecard from a local convenience store chain (in Finland, it's R-Kioski) in the amount of 100 euros," F-Secure said in an online warning.
     "The technique is effective, as even non-technical people who might not be able to use online payment services such as Webmoney or eGold will be able to walk to the nearest store to part with their money."
     MoneyPak Crime Victims LLC says it "expects to elicit testimony that discloses the identity of 'MoneyPak-Ransomware' crime victims [sic] and establishes plaintiff's claim for the disgorgement of extorted money."
     They are represented by Ross Teter of Dallas