You may have experienced this situation before: out of nowhere, a friend messages you on Facebook or via email with a link. You instinctively click on it, and sometimes as you’re clicking, sometimes later, you realize it’s probably a virus. In those split seconds while you’re scrambling to close the browser window, tiny lines of code are working away inside your computer through “holes” in its programming. They’re trying to gain access through a “backdoor exploit” and reprogram your computer for their creator’s own purposes. These backdoor exploits are not created on purpose – they are just human oversights among millions and millions of lines of code that have to be checked by hand.

Researchers track the discovery of these exploits and are able to follow the progression of viruses through them. Today, they discovered a vulnerability in Java, a program installed on nearly every computer. Given Java’s prevalence, this is a high-risk vulnerability, and it has been in use by hackers for a long period of time. In addition, it has been shown to work even with Microsoft Defender, or any other current virus protection software, running.

The viruses which have been shown to spread via these backdoors are mostly variants of the Renekton virus. The Renekton virus (more commonly known as the “FBI Scam”) is a program that enters via a vulnerability and then locks the user’s computer, claiming that the U.S. Department of Justice has blocked the computer on the grounds of some criminal charge, and that the user must pay a fee via prepaid card to view their computer’s contents again. The money is transferred via the card and disappears into the hacker’s pockets.

What to do? Disable Java in your browser and don’t click on any suspicious or shady links. Especially until this vulnerability is fixed, make sure all your antivirus and anti-malware programs are current, and scan regularly for viruses.

To disable Java, go to your Start menu, then the Control Panel. Open the Java application there and go to its Security tab. Uncheck the box entitled “Enable Java Content in the Browser.”
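To confirm that the checkbox change actually took effect, you can inspect Java's per-user settings file. The script below is an added example, not part of the original article; it assumes the checkbox is stored as the `deployment.webjava.enabled` key in the user's `deployment.properties` file, and the sample file contents are constructed.

```python
import re

# Assumption: this key in the user's deployment.properties file backs the
# "Enable Java Content in the Browser" checkbox.
KEY = "deployment.webjava.enabled"


def parse_properties(text):
    """Parse simple key=value / key:value lines; a later duplicate key wins."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or comment
        parts = re.split(r"\s*[=:]\s*", line, maxsplit=1)
        if len(parts) == 2:
            props[parts[0]] = parts[1]
    return props


def browser_java_enabled(text):
    """Return True unless the file explicitly turns browser content off."""
    value = parse_properties(text).get(KEY)
    if value is None:
        return True  # key absent: the default leaves browser content enabled
    # Conservative audit choice: only an explicit "false" counts as disabled.
    return value.strip().lower() != "false"


# Constructed sample file contents (not taken from a real machine).
HARDENED = (
    "#deployment.properties\n"
    "#Mon Jan 14 10:00:00 EST 2013\n"
    "deployment.version=7.0\n"
    "deployment.webjava.enabled=false\n"
)
DEFAULT = "deployment.version=7.0\ndeployment.security.level=HIGH\n"
COMMENTED = "#deployment.webjava.enabled=false\ndeployment.version=7.0\n"
REENABLED = "deployment.webjava.enabled=false\ndeployment.webjava.enabled=true\n"

if __name__ == "__main__":
    samples = [("hardened", HARDENED), ("default", DEFAULT),
               ("commented-out", COMMENTED), ("re-enabled", REENABLED)]
    for name, sample in samples:
        state = "ENABLED" if browser_java_enabled(sample) else "disabled"
        print(f"{name:14} browser Java: {state}")
```

A commented-out line or a later duplicate that sets the key back to `true` leaves browser Java enabled, which is why the check reads the effective value rather than searching the file for the string `false`.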

You should also run a virus scan just to be sure. This particular Java issue is usually picked up by Malwarebytes as a “Trojan” and can be removed if it hasn’t been activated yet. If you’ve already been infected by this scam, you will need to call a computer repair professional before it can do more damage.