Trend Micro Teams with Spanish Police in Ransomware Gang Arrests

Sometimes keeping our customers protected from the latest scams involves not just technology solutions—some cases require active collaboration with law enforcement and government agencies around the globe.

For example, Trend Micro researchers studied a ransomware scam that involved a "police Trojan" throughout 2012. After working closely with law enforcement authorities in several European countries, Trend Micro provided information that helped the Spanish Police bring down the cybercriminal gang that produces the ransomware strain known as Reveton.

Police ransomware works by sending messages that imitate official police communications and inform you that you need to pay a fine to your local police. But once you click on the link, a Reveton Trojan is loaded that restricts access to your computer until you pay a ransom to have the restriction removed. According to the Spanish police, this ransomware scam netted the gang over one million Euros per year—and it is still in circulation and being used by others.

Spanish police became interested in the Reveton Trojan when they received complaints from victims of the scam. Trend Micro and Spanish law enforcement agencies shared intelligence, including malware samples. As a direct result of activities carried out by Trend Micro threat research, they were able to map the criminal network's activities, including traffic redirection and the location of their command and control servers.

Some of the intelligence gathered by law enforcement enabled them to reach a high degree of certainty of the identity of one of the individuals at the very top of this criminal gang—which resulted in the arrest of at least 11 individuals.

Keeping up with today's cybercriminals is no easy task, especially for a single law enforcement agency. In this case, the Reveton gang's Russian leader was arrested in Dubai, United Arab Emirates. Gang members in Spain were also arrested for collecting ransom payments and transferring the funds to the gang's leaders in Russia. Thanks to the ongoing collaboration between the Spanish police and Trend Micro's eCrimes unit, these cybercriminals will be out of circulation for some time.

Trend Micro has been instrumental in a number of arrests and take-downs involving international cybercrime. Other recent collaborations included the Ghostclick/Rove Digital takedown, the "Soldier" SpyEye disruption, the LuckyCat APT campaign and the IXESHE APT campaign.

The good news for Trend Micro customers—our products work against all known versions of the Reveton Trojan. And we're continuing our work with agencies around the world to keep you protected from the latest threats.

For more information on police ransomware, read the following blog posts:
New Police Ransomware Claims Fake Treaty Among AV Vendors and Police >
Latest on Police Ransomware—It Speaks! >

< Back to main page

Trend Micro Mobile Security Personal Edition for Android

Watch this video to learn how to protect your Android smartphone.

Win up to $10,000 in Trend Micro's "What's Your Story?" Contest

If you enjoy making videos, this contest is for you. Our 4th Annual "What's Your Story?" contest has two grand prizes: one individual filmmaker and one school will each get a $10,000 prize. Plus, two more schools and two more filmmakers will be awarded $1,000! This year we're asking filmmakers to create videos that show positive online experiences that have or can happen. Grab your camera and tell us your story! Learn more >