Search This Blog

Powered by Blogger.

Blog Archive

Labels

Ransomware(Money-stealing malware) now impersonates the Italian Police

Few days back, we report about a computer virus that impersonates UK's e-crime unit in an effort to steal money(£100) from unsuspecting users. Now the malware change the target from UK users to Italians.

A new Ransomware  circulating among Italian users poses as an official statement from Italian Police, warns Total Defense Research Team.

This malware exactly use the same method to threaten the victims, it displays an official message with victim's IP address .  The fake message says illegal activity detected related to child pornography.  Additionally, it states that the computer is also spreading illegal spam with terrorist intent.

Interestingly , the fake message asks the user to pay the same amount( £100)  to unlock the user system.  Different methods of payment are showed to the user such as “paysafecard”, “ukash”, and “sisal."

According to Researcher's investigation, the ransomware disables the Task Manager and compromising the registry of the Windows operating system.

The malware adds the following registry value in registry DB:
"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run" value="vasja"

Total Defense Security products detected the malware as “Ransom.ZAAC” by our anti-malware

The same malware attack targeted German, Swiss, Spanish and Dutch users in the past.
Share it:

Malware Report

Ransomware