menardconnect.com

Tech, Games, Blogging and Other Random Thoughts

On Ransomware and Reveton

Posted on February 19, 2013 in Technology

Ransomware is a tricky problem in the #infosec world. This type of malware “kidnaps” the user’s files and/or system and demands money in exchange for the files’ and/or system’s “freedom”.

According to Wikipedia, Ransomware comprises a class of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator of the malware in order for the restriction to be removed. Some forms of ransomware encrypt files on the system’s hard drive, while some may simply lock the system and display messages intended to coax the user into paying.

Here is some good news about ransomware that is worth sharing here at menardconnect.com:

Key Figure in Police Ransomware Activity Nabbed

by Trend Micro Advanced Threats Researchers

Ransomware is a nasty scam that infiltrates your computer and tricks you into thinking that you’ve done something wrong. Police ransomware in particular informs users that they need to pay their local police a fine.

We have written detailed reports about these attacks in the past, including multiple blog posts as part of our investigations into this ongoing threat.

Trend Micro threat researchers have been studying this scam throughout 2012 and have collaborated very closely with law enforcement authorities in several European countries, especially in Spain. Today, we are very happy to report that the Spanish Police has put the information to good use, and they have just announced in a press conference the arrest of one of the head members of the cybercriminal gang that produces the Ransomware strain known as REVETON.

The apparent arrest of this cybercriminal of Russian origin occurred in Dubai, United Arab Emirates. The law enforcement authorities are working to extradite him to Spain for prosecution. Along with his arrest, the operation included the arrests of 10 other individuals tied to the money laundering component of the gang’s operations, which managed the monetization of the PaySafeCard/UKash vouchers received as payment in the scam. The gang apparently had a branch in Spain that exchanged these vouchers and converted them into actual money, which would then be transferred to the leaders of the gang in Russia.

Trend Micro is very proud that our involvement in this shared intelligence effort produced such good results. We also want to thank the Spanish Police for being proactive in this case and being able to collaborate so closely with us. We hope there will be many more victories against cybercrime like this, and will continue to work very closely with international law enforcement authorities on similar investigations. You can access the Spanish Police press release here.

For more information on Police Ransomware, read the following blog posts:

  • New Police Ransomware Claims Fake Treaty Among AV Vendors and Police
  • Latest on Police Ransomware – It Speaks!
  • Police Ransomware Bears Fake Digital Signature
  • Police Ransomware: Evolving At a Tremendous Pace
  • New Ransomware Plays Its Victims an Audio File, Over and Over and Over…

Original Post from Trendlabs Security Intelligence Blog – Key Figure in Police Ransomware Activity Nabbed.
Image Credits: TrendLabs Security Intel Blog

Congratulations to the Spanish Police and all the LE agencies involved. Kudos to Trend Micro Advanced Threats Research Team 🙂

For more details on Reveton and this police ransomware, kindly visit:

Some disclosure:
I work at Trend Micro. The views expressed in this blog post are mine and mine alone and do not necessarily represent my employer’s positions, strategies or opinions. To know more about me (work and other stuff), kindly visit my about page. To know more about my blog’s full disclosure policy, kindly visit my disclosure page.