We have recently seen the emergence of several samples of a ransomware family localized into different languages. Malware that relies on localized social engineering tactics has been around for a few years, as we discussed in our two-part series on Program:Win32/Pameseg, and as evident in the surge of password stealers targeting Brazilian online banking websites. Ransomware, which renders a computer unusable and then demands payment, supposedly to make it usable again, has existed for quite some time as well.
What is remarkable in the cases of ransomware we've seen lately is the effort that the authors have put into creating different versions for every targeted country. We've so far seen variants localized into four languages: English, Spanish, German, and Dutch. The list of imitated institutions is also quite long. It includes:
- The German Federal Police
- GEMA (Germany's performance rights organization)
- The Swiss "Federal Department of Justice and Police"
- The UK "Metropolitan Police"
- The Spanish Police
- The Dutch Police
Read more >>