Police Virus Malware Growing

Thursday, August 9, 2012 @ 03:08 PM gHale


Cyber criminals are now using the Police Virus malware as fully functioning ransomware, according to a new report.

The Police Virus is a common technique used by criminals to infect computers by masquerading as law enforcement agencies demanding money for fictional crimes, said researchers from security firm PandaLabs.

RELATED STORIES
One Attack Starts at Web Site
Beware of Internet Scammers
Malware Continues Growth Cycle
Spam Drops; Malicious Attachments Hike

Scams like these across the globe demand money for things like copyright infringement, missed court dates and even parking tickets.

PandaLabs detected the evolution of the scam from standard scareware to ransomware in its latest quarterly threat report, which analyzed incidents from April through June 2012.

The firm went on to warn the campaigns are continuing to evolve at a rapid pace, with criminals creating increasingly effective ways to hold users data to ransom and demand payment for its safe return.

“The first versions of the new Police Virus only use encrypted .doc files, and the encryption wasn’t too hard to crack, so it was possible to decrypt the files without the key,” the report said.

“Now, however, a more sophisticated encryption is being used, and the decryption key is required to unlock the files. And not only that, the files are encrypted with a different key for each infected computer, so, unless you are able to access the server that stores all keys, it is absolutely impossible to access the files.”

The evolution came alongside a boom in the number of Trojan viruses hitting the cyber street. The report revealed Trojans are now the most common form of cyber attack, accounting for 79 percent of all threats.

Worms were the second biggest threat detected, responsible for 11 percent of all attacks, the report said.

Trojans continued to prove the most effective attack method during the quarter speaking for 76 percent of all infections, while viruses came second accounting for eight percent.

“It is interesting to note that worms have only caused six percent of infections despite accounting for almost 11 percent of all new malware”, said Luis Corrons, technical director of PandaLabs.

“The figures corroborate what is well known: massive worm epidemics have become a thing of the past and have been replaced by an increasing avalanche of banking Trojans and specimens such as the Police Virus.”

Looking to the future Corrons warned the scam is one of the numerous cyber crime kits currently on sale and will likely remain an ongoing problem in the foreseeable future.

“This so called Police Virus appears to be created for and distributed by a cyber criminal gang from Eastern Europe or Russia, and police forces from across Europe are working together to try and identify and arrest them,” said Corrons.



Leave a Reply

You must be logged in to post a comment.