Ransomware is a nasty scam that infiltrates your computer and tricks you into thinking that you’ve done something wrong. Police ransomware in particular informs users that they need to pay their local police a fine.
We have written detailed reports about these attacks in the past, including multiple blog posts as part of our investigations into this ongoing threat.
Trend Micro threat researchers have been studying this scam throughout 2012 and have collaborated very closely with law enforcement authorities in several European countries, especially in Spain. Today, we are very happy to report that the Spanish Police has put the information to good use, and they have just announced in a press conference the arrest of one of the head members of the cybercriminal gang that produces the Ransomware strain known as REVETON.
The apparent arrest of this cybercriminal of Russian origin occured in Dubai, United Arab Emirates. The law enforcement authorities are working to extradite him to Spain for prosecution. Along with his arrest, the operation included the arrests of 10 other individuals tied to the money laundering component of the gang’s operations, which managed the monetization of the PaySafeCard/UKash vouchers received as payment in the scam. The gang apparently had a branch in Spain that exchanged these vouchers and converted them into actual money, which would then be transferred to the leaders of the gang in Russia.
Trend Micro is very proud that our involvement in this shared intelligence effort produced such good results. We also want to thank the Spanish Police for being proactive in this case and being able to collaborate so closely with us. We hope there will be many more victories against cybercrime like this, and will continue to work very closely with international law enforcement authorities on similar investigations. You can access the Spanish Police press release here.
For more information on Police Ransomware, read the following blog posts: