Difference between revisions of "Trojan.Ransomgerpo criminal arrested"
Jump to navigation
Jump to search
m (Text replacement - " www.symantec.com" to "") |
|||
| (One intermediate revision by the same user not shown) | |||
| Line 3: | Line 3: | ||
|Legend=Infection activity over time (Symantec) | |Legend=Infection activity over time (Symantec) | ||
|Type=Blogpost | |Type=Blogpost | ||
|Link=http://www.symantec.com/connect/blogs/trojanransomgerpo-criminal-arrested | |Link=http://www.symantec.com/connect/blogs/trojanransomgerpo-criminal-arrested | ||
|Author=Symantec Security Response | |Author=Symantec Security Response | ||
|NomRevue=Symantec Connect | |NomRevue=Symantec Connect | ||
Latest revision as of 21:50, 5 August 2015
(Publication) Google search: [1]
| Trojan.Ransomgerpo criminal arrested | |
|---|---|
| |
| Botnet | Ransom.EY, Ransomgerpo |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2013 / 2013-02-14 |
| Editor/Conference | Symantec |
| Link | http://www.symantec.com/connect/blogs/trojanransomgerpo-criminal-arrested (Archive copy) |
| Author | Symantec Security Response |
| Type | Blogpost |
Abstract
“ Spanish police have reported the arrest of an individual involved with a particular strain of police Ransomware known as Ransom.EY, detected by Symantec as Trojan.Ransomgerpo.
This variant is one of the earliest active police Ransomware families, which Symantec has been tracking since at least July, 2011. The Trojan was distributed using drive by download techniques, in conjunction with the Black Hole exploit kit. Early versions of the locking screen were quite primitive but quickly evolved as the author obviously stole design ideas from other Ransomware gangs as shown in Figure 1.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1302,
editor = {Symantec},
author = {Symantec Security Response},
title = {Trojan.Ransomgerpo criminal arrested},
date = {14},
month = Feb,
year = {2013},
howpublished = {\url{http://www.symantec.com/connect/blogs/trojanransomgerpo-criminal-arrested}},
}