Police alert after ransom Trojan locks up 1,100 PCs
- 03 August, 2012 13:09
UK authorities have issued an urgent warning about a ransomware attack has successfully extorted money from dozens of victims by impersonating the country's Police Central e-Crime Unit (PCeU).
Ransom attacks using threats that pose as the PCeU and other European police forces in order to issue fine threats have become common in the last two years but it is still unusual for any hard numbers on infection rates or victim numbers to come to light.
The latest unidentified attack had infected 1,100 computers in the UK, successfully conning 36 people into paying £100 ($150) to the criminals, police said. The true numbers will be much larger because official reports only show a snapshot of what is happening.
The procedure for such attacks is always very similar. Users visit or are redirected to a porn or gambling site that hits them with a drive-by attack, usually based on a software vulnerability in a browser plug-in. The user's PC is then hijacked and the users asked for money in order to regain control.
Sometimes the attack will issue threats, including that the user will be exposed for visiting a porn site (whether they have or not), while on other occasions the demand is a straight 'pay us or you will not be able to use your PC.'
"This is a fraud and users are advised NOT to pay out any monies or hand out any bank details," urged the PCeU.
"This scam is now affecting many countries in Europe and further afield, with each email tailored to include the branding of that country's law enforcement agency. Europol are coordinating with Europe's law enforcement agencies on this matter," the PCeU said.
Users can advise of such attacks on the PCeU's website. This won't help get lost money back - victims should phone their credit card company immediately - but will help police plot new attacks before they successfully infect more computers.
Another variation on the theme has been to impersonate software companies such as Microsoft, threatening the end user by claiming they are using a pirated copy of Windows. The criminals just never let up.