Laduree.fr website compromised to serve Ransomware, money-stealing malware

If you read EHN's malware reports daily, you may already be aware of the money-stealing malware known as ransomware. It seems that ransomware authors are now interested in French cake and pastry lovers.

Laduree.fr, the website of a well-known confectionery company based in France, has been compromised in order to infect visitors' systems.

Trend Micro's security solution detects the ransomware as TROJ_RANSOM.BOV. This time, the ransomware impersonates the National Gendarmerie (French: Gendarmerie nationale), commonly known as the French Police Force. (In the past, ransomware has impersonated the Italian and UK police.)

As usual, it asks victims to pay a fine of 200 euros (the amount has increased from 100 euros?!).

"We noticed that the domain name of the URL used to host the exploit kit has been suspended. Based on the logs, it was created on February 9, 2012 and last updated on February 14. The domain’s registrant shows a .ru email address which might help in identifying a possible suspect, but this might just be a compromised email account." Trend Micro researchers said.


