Creepy Police Ransomware Starts Speaking In All Languages

Thomas Brewster,
Cybersecurity, Hack © Anatema Shutterstock 2012

A polyglot malware is doing the rounds

Ransomware claiming to come from the police has been causing havoc across the web this year and now a variant has been spotted which can speak to users in any language.

Security professionals have been warning about the growing sophistication and proliferation of ransomware, which locks users out of their computers and asks for payment to unlock systems.

Police ransomware claims to come from a legitimate law enforcement agency, telling victims they need to pay a fee as they have been caught carrying out illegal activity. When they pay the fine, the money doesn’t go to police – it goes into the hands of cyber crooks.

Cybersecurity, Hack © Lightspring Shutterstock 2012Ransomware that talks

Trend Micro today said it had seen a strain of the Reveton police ransomware, the most widespread ransomware of all types, that urged users to pay verbally with a recorded message. Additionally, it detects what language the victim most likely speaks by doing a location check before delivering that message.

“Thus, a user with a ransomware-infected system from France will get a notification from the Gendarmerie Nationale, while a US-based one will likely receive a message from the FBI,” read a blog post from Trend’s threat research manager Ivan Macalintal.

He warned that this latest advance in ransomware was “possibly just the tip of the iceberg”. “It’s not a stretch to say that we can expect further improvements for this malware: possibly a singing ransomware in the near future?”

Sophos has reported it saw a spike in ransomware in 2012, noting that a growing number of infections fully encrypt users’ hard drives. “In nearly every case, updated antivirus software can prevent ransomware from installing and running on your computer,” Sophos said. “There may be no cure, so prevention is always better.

“Over the coming year we expect to see more attacks which, for IT professionals, will place a greater focus on behavioural protection mechanisms as well as system hardening and backup/restore procedures.”

Last month, it emerged hacked sites being hosted by Go Daddy were serving up ransomware.

How well do you know Internet security? Try our quiz