Difference between revisions of "A ScarePakage variant is targeting more countries : impersonating Europol and AFP"

From Botnets.fr
Jump to navigation Jump to search
 
m (1 revision imported)
(No difference)

Revision as of 15:30, 7 February 2015

(Publication) Google search: [1]

A ScarePakage variant is targeting more countries : impersonating Europol and AFP
Botnet ScarePakage
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2014 / 2014-08-06
Editor/Conference Kafeine
Link http://malware.dontneedcoffee.com/2014/08/scarepackageknstant.html malware.dontneedcoffee.com (malware.dontneedcoffee.com Archive copy)
Author Kafeine
Type Blogpost

Abstract

On July 16th Lookout wrote about a new "police ransomware" on Android. They named it ScarePakage. (aliases : Eset:Android/Locker.B , Kaspersky:Trojan-Ransom.AndroidOS.Aples.a)

It (or a variant ? seems Norton focused here) is advertised on underground since beginning of July as "Android Locker" by the seller of a fork of Titan Browlock System.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1402,
   editor = {Kafeine},
   author = {Kafeine},
   title = {A ScarePakage variant is targeting more countries : impersonating Europol and AFP},
   date = {06},
   month = Aug,
   year = {2014},
   howpublished = {\url{http://malware.dontneedcoffee.com/2014/08/scarepackageknstant.html malware.dontneedcoffee.com}},
 }