
New ransomware displays bogus police alerts, requests payment of a fine

Ransomware targeting European computer users displays bogus alerts from law enforcement agencies

Ransomware Trojans detected recently in the wild display bogus messages from law enforcement agencies in Europe and ask users to pay nonexistent fines, Microsoft warned.

"We have recently seen the emergence of several samples of a ransomware family localized into different languages," researchers from Microsoft's Malware Protection Center (MMPC) said in a blog post Monday.

The ransomware variants detected so far masqueraded as national police agencies from Germany, the U.K., Spain, France, Switzerland and the Netherlands.

The Trojans are distributed via drive-by-download attacks that are launched from compromised websites. The attack toolkit most commonly used for this purpose is called Blackhole and contains exploits for unpatched installations of Adobe Reader, Flash Player, Java and Windows.

All programs from this ransomware family lock down infected computers and claim that their owners were involved in illegal activities. A legitimate IP (Internet Protocol) address geolocation service is used to determine the language and formatting of the bogus police alerts displayed to each user.

Affected computer owners are informed that they need to pay a fine within 24 hours, otherwise data will be erased from their hard drives. The payment is usually requested through services like Paysafecard or Ukash, which make transactions harder to trace or reverse.

Microsoft researchers believe that all localized variants of this ransomware are the work of the same attackers. "The HTML front-end has been translated, while the back-end stays almost the same, with the exception of some obfuscation layers," they said.

Users are advised to keep their software up to date and to treat every unsolicited message with suspicion. All requests that appear to come from an official institution should be verified over the phone.

