Three police ransomware fraud suspects arrested

  • Liam Tung (CSO Online)
  • — 13 December, 2012 09:45

Three fraudsters suspected of running a police ransomware fraud scheme in the UK have been arrested by the e-Crime unit of London’s Metropolitan Police.

Police arrested a 34-year-old man, a 30-year-old woman and a 26-year-old man from Stoke on Trent after searching three addresses on Tuesday. All three are being held in custody on suspicion of conspiracy to defraud.

Over the past year London’s Met has warned citizens several times not to pay fines demanded by police ransomware. Victims' screens usually become frozen on a page containing police badging and a warning that local law enforcement has detected illegal computer activity, ranging from piracy to child pornography.

The scam asks victims to pay a fee of around $100 to $200 to unlock their computers.

The ransomware used in these campaigns is different to the recent spate of targeted attacks on Australian small businesses. In those cases, the attackers used asymmetric encryption before demanding payments of several thousand dollars, whereas ransomware variants used in police-themed attacks typically only lock a screen.

Symantec has a detailed description of the ransomware spectrum here while Botnets.fr has kept an archive of all the police-themed ransomware lock pages here.

The Met’s previously published figures on ransomware victims in the UK suggest fraudsters convert about 3 per cent of infections into actual payment.

Exactly what impact the arrests will have on the ransomware problem in the UK remains to be seen.

One reason why ransomware has become popular is that different “locker kits” are available for sale for a few hundred dollars.

The Malware Don’t Need Coffee site, run by malware researcher Kafeine, recently reported the “Multi locker” variant was available on a Russian forum for $899. The package included training, online support, constantly refreshed page locks, and a “comfortable” admin panel.

A new design for ransomware targeting US computer users that Kafeine has discovered purports to be from the Justice Department. Instead of the $200 fraudulent fine, criminals now demand $300 and include an actual image of child pornography on the lock screen.
