Ransomware has taken a lot of forms lately. The classic threats lock up the victims’ computers in the name of a law enforcement agency and demand the payment of a fine in order to unlock the machine.
More recent variants have started leveraging the name of Anonymous to appear more convincing. However, the latest Reveton version – identified by Trend Micro – informs victims that their computers “have been suspended” because they’ve violated the law of the United States of America.
Unlike older versions, the ransomware doesn’t use the name of a specific law enforcement agency. Instead, it claims that the police have “signed a treaty with companies to develop anti-virus software on December 5, 2012 for identifying cybercriminals.”
To make everything more credible, the logos of 26 security solution providers are displayed on the bottom of the screen, including Bitdefender, Avira, F-Secure, Sophos, McAfee, Kaspersky and Symantec.
Another noteworthy aspect highlighted by Trend Micro experts is that the graphic interface of the ransomware warning page tends to change from time to time, most likely in an attempt to improve the social engineering tactic.