Trojan.Ransomgerpo criminal arrested

From Botnets.fr

Botnet: Ransom.EY, Ransomgerpo
Date: 2013 / 2013-02-14
Editor/Conference: Symantec
Link: http://www.symantec.com/connect/blogs/trojanransomgerpo-criminal-arrested (Archive copy)
Author: Symantec Security Response
Type: Blogpost

Abstract

Spanish police have reported the arrest of an individual involved with a particular strain of police Ransomware known as Ransom.EY, detected by Symantec as Trojan.Ransomgerpo.

This variant is one of the earliest active police Ransomware families, which Symantec has been tracking since at least July, 2011. The Trojan was distributed using drive-by download techniques, in conjunction with the Black Hole exploit kit. Early versions of the locking screen were quite primitive but quickly evolved as the author obviously stole design ideas from other Ransomware gangs as shown in Figure 1.

Bibtex

 @misc{2013BFR1302,
   editor = {Symantec},
   author = {Symantec Security Response},
   title = {Trojan.Ransomgerpo criminal arrested},
   date = {14},
   month = Feb,
   year = {2013},
   howpublished = {\url{http://www.symantec.com/connect/blogs/trojanransomgerpo-criminal-arrested}},
 }