In association with heise online

14 December 2012, 11:22

Three arrests over "police ransomware" in Staffordshire

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Zoom The malware blocks the user's computer, claiming they have violated one of a number of laws
Source: Naked Security

The Metropolitan Police have arrested two men and a woman in connection with the Reveton ransomware trojan. Detectives from the Police Central e-Crime Unit (PCeU) collaborated with Staffordshire police to arrest the three individuals in Stoke-on-Trent on suspicion of conspiracy to defraud, money laundering, and possession of items for use in fraud.

The Reveton malware blocks users' computers with a message claiming to be from local police authorities. The malware is also known under the name "BKA trojan" in Germany, where it has been in widespread circulation since 2011. The ransomware claims users had pirated intellectual property or downloaded illegal pornography, demanding the payment of a "fine" to unlock it again. Payments were usually solicited through Ukash and Paysafe pre-paid vouchers or other hard-to-track methods. The trojan has appeared with logos of the FBI, Metropolitan Police, and the federal police organisations of Germany, Austria and Portugal.

In the variant circulated in the UK, the ransomware brought up a web page with the PCeU and Metropolitan Police logos, including the user's IP address, Internet Service Provider (ISP) name, location, and a feed from the user's web cam, if present. The malware claimed the user's computer had been "suspended on the grounds of unauthorised cyberactivity" and directed them to pay a fine of £100 through Ukash or Paysafe.

The arrested persons currently remain in custody. A PCeU spokesperson said: "I remind all computer users that police do not use such a method to impose or enforce fines, so if you are confronted by such a page do not enter any of your details. Call police on 101."

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit