The guys behind the Reveton "Police Ransomware" are really active.
After
initiating the Cool EK, refreshing
all design and adding 4 maybe 5 (AU,CZ, IE, NO, DK?) targets around 10 of October they are reaching a new step targeting at least 6 new countries among which one where they seems to be alone in this "business" ( HU, LV, SK, SI, TR (!), RO )
|
Reveton's Design addition in October 2012 |
In Turkey, 20% (!!) of the computers hitting the Exploit Kit are being locked. For many days computer there, were showing a UK design...not anymore
|
Reveton TR (10-2012 - First known Police Ransomware there) |
|
Reveton SI (10-2012 - 2nd Police Ransomware there after Urausy) |
|
Reveton SK (10-2012 - 2nd Police Ransomware there after Urausy) |
|
Reveton LV (10-2012 - 2nd Police Ransomware there after Urausy) |
|
Reveton HU (10-2012 - Once again come after Urausy) |
|
Reveton RO (10-2012 - Third after Urausy and first version of Ulocker ) |
As usual you'll find all these design and past one on
botnets.frAgain, I would be happy to get some help to retrieve BE, PT and DK design (contact me via Twitter or kafeine at dontneedcoffee dot com )
You'll find more documentation about Reveton at the end of
Reveton Autumn Collection += AU,CZ, IE, NO & 17 new design<edit1 30/10/12>
Erratum : Slovenia = SI (merci Eric) So, it's the second one after Urausy
</edit>