The FBI Virus: What It Is and How to Remove It

How to liberate your files from blackmail

A conceptual illustration of the App Lock virus destroying a laptop computer.

Lifewire / Theresa Chiechi

Is your computer screen locked with a threatening message, seemingly sent by the FBI? Is it demanding payment of a fine to access your files? You may have been infected with the FBI ransomware virus

The FBI virus affects Windows and Mac based computers, as well as Android and iOS based smartphones. 

What Is the FBI Virus?

The FBI virus, also known as the FBI Moneypak virus and FBI locked computer virus, is a dangerous form of ransomware that locks users out of their computer, demanding they pay a fine in exchange for being able to access their computer again. 

The splash screen warning accuses users of illegally viewing pornography or downloading copyrighted material, intimidating users to pay a supposedly, FBI-imposed fine with 48 to 72 hours or face substantial penalties and the loss of their computer. 

Never pay the ransom. It won't remove the virus, and you'll be giving into blackmail and coercive threats. 

How Does the FBI Virus Work?

The FBI Virus locks your desktop, displaying a screen with 'FBI Federal Bureau Investigation', 'CIA Special Agent' or similar. The message informs you that the computer has been blocked due to the Copyright and Related Rights Law violation or other similar reason that sounds convincing and threatening. 

It blocks access to anything else on your system, meaning you aren't able to use your computer or access any files. It then demands between $100 and $400 to be paid via pre-paid MoneyPak cards in order to release your computer, with a threat that a criminal investigation will be opened against you otherwise. 

Some forms of the FBI virus also have access to your webcam so it can display what's going on in your room to further intimidate you. 

The FBI Virus is a dangerous and intimidating threat. It's important that you delete it as quickly as possible so that you regain access to your computer and files. 

How Do I Know I Have the FBI Virus?

The FBI ransomware virus blocks you from doing anything on your computer or smartphone. You'll immediately know if you have it and that you need to remove it as soon as possible to regain access to the system. It doesn't remain dormant like other forms of viruses or malware. 

However, it's important to run regular antivirus software scans and to have anti-malware installed, as such tools can detect the virus within files or attachments that you download while browsing online. A scan can spot the FBI MoneyPak ransomware before you open it and install it to your computer. 

How Did I Get the FBI Virus?

The FBI virus is distributed through several different methods. It can infect your computer via malicious websites that use vulnerabilities on your computer to install the Trojan without your permission. 

It can also infect your computer via spam emails that contain infected attachments or links to malicious websites. 

Additionally, you can download it manually, thinking you're installing a safe piece of software that has actually been hijacked by the FBI virus. In particular, this is prevalent on torrenting websites and other file sharing sites. 

How Do I Get Rid of the FBI Virus?

The best way to get rid of the FBI ransomware virus is to use antivirus software, as well as a malware removal tool to be sure it is completely removed. 

Due to how the FBI virus works, you will need to start your computer in Safe Mode in order to use the antivirus software to remove the ransomware. 

Antivirus software can take many hours to complete the process, depending on the speed of your computer, but it also offers you the best ways in which to remove the malicious files. 

It's also worth installing a malware removal tool which helps detect ransomware like FBI MoneyPak and delete it before it causes any problems.

Similar to antivirus software, malware scanning can take many hours depending on the size of your computer's hard drive, as well as its speed. 

You can also use System Restore to return to an earlier point on your computer before you picked up the FBI virus. Make sure to choose a time period where you know with certainty you didn't already have the ransomware on your computer. 

You can also choose to reformat your computer's hard drive to guarantee you've deleted the FBI virus, but as this isn't a virus that hides dormant, it's advisable that this is a last resort if all other options fail. 

It can take a long time to reformat and requires a certain amount of knowledge when it comes to setting your computer up. Don't rush into the decision and try all other methods first. 

Remove the FBI Virus From iOS Devices

iOS users need to remove the virus via a slightly different method as it works by locking them out of their Safari web browser rather than their phone on the whole. To remove it, they must clear all their website data via Settings

How Can I Avoid Getting the FBI Virus Again?

There are a few easy to follow ways in which you can lower your chances of being re-infected with the FBI virus (or receiving any other virus). There are also specific tips that relate directly to the FBI Virus.

  • Update your antivirus software and malware protection. Keep your antivirus software and malware protection up to date. New virus definitions are released regularly and these keep your PC informed on what to look for with new virus and malware based threats. 
  • Don't open suspicious attachments or files. Scan them with an antivirus program first to be sure that they're safe and don't contain rogue Trojans.
  • Don't click on links you don't recognize. Links that are sent via email as well as messaging services can be spoofed to look safer than they are. Be aware of what you're clicking on and don't rush into anything. 
  • Don't pirate software. Trojans and ransomware like the FBI virus love to attach themselves to illicit software. Buy your software legally and avoid pirating anything in order to be safe online.