Ongoing discussions about the real traits of “You steal music I lock your PC” BIOS malware can be found on various security web sites and forums. Some says that this is another part of ransomware that attacks a computer in order to gain monetary values. Other states that the appearance of “You steal music I lock your PC” is a hoax.
We will update this post once we have confirmed the exact classification of this virus. For the meantime, here are what we have gathered about this threat:
– It appears to be infecting computer users in the European region particularly Belgium and Germany. In fact, one of the first user who brought up this issue on a computer security forum is from Germany.
– Most victims claim of acquiring the “You steal music I lock your PC” virus from downloaded Torrent files.
– After executing the file, a Windows message stating “lcm.exe has installed successfully” will appear. Instantly, the virus will reboot the computer to effectively apply the changes.
– During boot-up, ANSI art will appear bearing the message “You steal music I lock your PC”. Take note that it has no message asking for a penalty or payment from the victim. Thus, it is not deemed as Ransomware. The ANSI art (see image below) suggests that it was designed without the need for complex rendering. So, it could be running from a computer’s BIOS.
– Fixing this virus is very complicated because it will not allow victims to boot from any removable drive, CD, and USB flash drives. BIOS was also made inaccessible.
As soon as we have on hand copy of the “You steal music I lock your PC” virus, we will run diagnostics and see what could be the best possible way to delete it from an infected computer.