The Rise of Reveton and Police Ransomware
Reveton is a ransomware type that impersonates law enforcement agencies. Known as Police Ransomware or Police Trojans, these malware are notable for showing a notification page purportedly from the victim’s local law enforcement agency, informing them that they were caught doing an illegal or malicious activity online.
To know which local enforcement agency is applicable to users, Reveton variants track the geographical location of their victims. Thus, affected users living in the US receive a notification from the FBI while those located in France are shown a notice from the Gendarmerie Nationale.
Reveton variants also employ a different payment method compared to early ransomware attacks. Once a system is infected with a Reveton variant, users are prompted to pay through UKash, PaySafeCard, or MoneyPak. These payment methods afford ransomware perpetrators anonymity, as both Ukash and PaySafeCard have a faint money trail.
In 2012, different types of Reveton variants were seen exhibiting new techniques. During the latter part of that year, Trend Micro reported on variants that played an audio recording using the victim’s native language, and another one bearing a fake digital certificate.
SOURCE WWW.TRENDMICRO.COM
