Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2012
    S M T W T F S
    « Oct   Dec »
     123
    45678910
    11121314151617
    18192021222324
    252627282930  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for November 22nd, 2012



    Nov22
    11:00 am (UTC-7)   |    by

    Ransomware has become major concern among users, particularly those variants that mimic law enforcement agencies like the FBI (known as police ransomware). Certain features have also been incorporated into the threat recently, such as an audio file and just now, fake digital certificates.

    We encountered two samples bearing the same fake digital signature, which Trend Micro detects as TROJ_RANSOM.DDR. According to senior threat researcher David Sancho, the digital signature’s name and its issuing provider are very suspicious. Sancho believes that the fake signature’s sole purpose is likely to elude digisig checks.

    Users may encounter these files by visiting malicious sites or sites exploiting a Java vulnerability.

    Once executed, TROJ_RANSOM.DDR holds the system “captive” and prevents users from accessing it. It then displays a warning message to scare its victims into paying a fee. To intimidate users further, this warning message often spoofs law enforcement agencies like the FBI, often claiming that they caught users doing something illegal (or naughty) over the Internet.

    Read the rest of this entry »

     
    Posted in Malware | 1 TrackBack »


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice