Ransomware infections have become more popular among cybercriminals, and security researchers have come across another Trojan that fuels such campaigns. The novelty in this scenario is that the control panel that’s being utilized in the scheme has been found.
Identified by Symantec as Trojan.Ransomlock.K, the malicious element communicates with a command and control server from which it receives its orders.
The interface that allows the cybercrooks to communicate with their Trojan is called Silent Locker Control Panel and according to the experts, it is somewhat similar to other control panel used for pieces of malware such as ZeuS and SpyEye.
The Russian variant of the Silent Locker Control Panel found by experts offers a number of options. First of all, it tracks the infected computer’s location and date, information that can be used for billing.
Also based on the location, the cybercriminal can choose what picture the ransomware displays when it takes over a computer. For instance, if the victim resides in the UK, a picture of the Metropolitan Police can be used, the default image being the one shown in the screenshot.
If notifications that rely on the reputation of a law enforcement agency don’t work, the fraudsters can always turn to fake Windows Security Checks or other scams that may convince the victim that his/her device is being blocked for performing illegal activities, or even because of some phony system errors.
Read more: http://news.softpedia.com/news/Experts-Find-Control-Panel-for-Ransomlock-Powered-Ransomware-265732.shtml
