Inside GT Global

Police-themed ransomware targets Canadian users

May 10, 2012 Blog 1 Comment
Police-themed ransomware targets Canadian users

IDG News Service – A ransomware application that locks computers and asks their owners to pay fines for allegedly violating several laws through their online activity is targeting U.S. and Canadian users, malware experts from security firm Trend Micro said on Wednesday.

The Trend Micro researchers refer to this particular ransomware — malware that disables system functionality and asks for money to restore it — as the “Police Trojan,” because it displays rogue messages claiming to originate from law enforcement agencies.

Related: GT Global Services’ Service Desk & Small Business IT Infrastructure Services

The “Police Trojan” appeared in 2011 and originally targeted users from several countries in Western Europe, including Germany, Spain, France, Austria, Belgium, Italy and the U.K.

The rogue message displayed after locking down a victim’s computer is localized in the victim’s language and claims to be from a national law enforcement agency from the victim’s country.

The owners of the locked-down computers are told that their IP addresses were involved in illegal activities and are asked to pay a fine using prepaid cards like Ukash or Paysafecard. The malware’s authors prefer these payment services because transactions made through them cannot be reversed and are hard to trace.

When investigating new command and control (C&C) servers recently used by this malware, Trend Micro researchers discovered message templates that were designed for U.S. and Canadian users. This suggests that the malware’s scope has been extended to these two countries.

Source: ComputerWorld