Categories: SecurityWorkspace

Creepy Police Ransomware Starts Speaking In All Languages

Ransomware claiming to come from the police has been causing havoc across the web this year and now a variant has been spotted which can speak to users in any language.

Security professionals have been warning about the growing sophistication and proliferation of ransomware, which locks users out of their computers and asks for payment to unlock systems.

Police ransomware claims to come from a legitimate law enforcement agency, telling victims they need to pay a fee as they have been caught carrying out illegal activity. When they pay the fine, the money doesn’t go to police – it goes into the hands of cyber crooks.

Ransomware that talks

Trend Micro today said it had seen a strain of the Reveton police ransomware, the most widespread ransomware of all types, that urged users to pay verbally with a recorded message. Additionally, it detects what language the victim most likely speaks by doing a location check before delivering that message.

“Thus, a user with a ransomware-infected system from France will get a notification from the Gendarmerie Nationale, while a US-based one will likely receive a message from the FBI,” read a blog post from Trend’s threat research manager Ivan Macalintal.

He warned that this latest advance in ransomware was “possibly just the tip of the iceberg”. “It’s not a stretch to say that we can expect further improvements for this malware: possibly a singing ransomware in the near future?”

Sophos has reported it saw a spike in ransomware in 2012, noting that a growing number of infections fully encrypt users’ hard drives. “In nearly every case, updated antivirus software can prevent ransomware from installing and running on your computer,” Sophos said. “There may be no cure, so prevention is always better.

“Over the coming year we expect to see more attacks which, for IT professionals, will place a greater focus on behavioural protection mechanisms as well as system hardening and backup/restore procedures.”

Last month, it emerged hacked sites being hosted by Go Daddy were serving up ransomware.

How well do you know Internet security? Try our quiz

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago