Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft has spotted localised malware attempting to dupe users by posing as messages from police forces.
The ransomware rendered computers unusable or documents inaccessible before perpetrators demand payment from the victim in order to restore normal operation.
Perpetrators in recent cases have posed as police authorities and demanded users pay a fine for purported use of illegal material, according to Microsoft
The messages claim the user has accessed child pornography and emails "with terrorist background." Those who do pay do not get their computer fixed.
"In order to make the computer functional again, the user is asked to transfer money via a legitimate online payment service, such as Paysafecard or Ukash, to the supposed authorities," said Horea Coroiu, from the Microsoft Malware Protection Centre.
"A quite interesting fact is that the geographical distribution for most of the samples coincides well with the targeted countries. In the case of Trojan:Win32/Ransom.DU, which is a generic detection for a German-language variant of the ransomware that impersonates the German Federal Police, 91.59 per cent of the samples we received from July to November this year were found in Germany."
Malware infected machines via drive-by-downloads and the Blackhole exploit kit.
Microsoft said several spam campaigns contained links to the exploit kit, some of which was generated by the notorious Cutwail botnet.
"The good news is that no zero-day exploits that we know of are involved, so keeping your software up to date will considerably reduce the likelihood of infection," Coroiu added.
"In the unfortunate case that your computer is infected with this malware, don't even consider paying. If you do so, your computer will not get unlocked anyway, so paying does not actually solve your computer problem."
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.