Italian Municipal Councils Targeted By TorrentLocker

An article from VPN Creative reports that some municipal councils across Italy have fallen victim to a variant of CryptoLocker called TorrentLocker. The ransomware demands a bitcoin payment equivalent to 400 Euros, which doubles in three days if payment is not received.

Having copied the email address book of a local council office, the software targets office workers by mailing an attachment named compenso.pdf.exe. Given some of the office workers deal with receivables, they are then duped into opening the attachment, which encrypts all photos, *.pdf files and Microsoft Office documents.

Unlike CryptoLocker, TorrentLocker doesn't lock the operating system and the computer remains usable. Users are prompted to purchase software to decode the encrypted files and should they run into difficulty, the ransomware operator provides customer service and assistance.

A TorrentLocker decrypter, which is available for free online, claims to have figured out how to decrypt the encrypted files so that users need not pay a ransom in order to get access to their files. Amusingly, it's not difficult to foresee a future in which ransomware writers create free decrypters for ransomware authored by others so that they can re-encrypt the files and claim the ransom for themselves.

Source – https://vpncreative.net/2014/10/26/italian-councils-paralyzed-bitcoin-ransomware-virus/ http://www.corriere.it/tecnologia/economia-digitale/14_ottobre_20/phishing-comuni-hacker-bitcoin-ricatto-c457694c-5831-11e4-9d12-161d65536dad.shtml

3 thoughts on “Italian Municipal Councils Targeted By TorrentLocker

  1. Dutch authorities were actually hit by this last week already: http://tweakers.net/nieuws/99202/gemeente-den-haag-getroffen-door-torrentlocker-malware.html

    what that article basically says is this:

    Software scrapes email addresses from infected computers and sends them emails with links which appear to be from the dutch postal service. The idiots click them and their files gets locked.

    Response from the IT departement: shut down the mail server and override with backups and solve the issue within hours without paying anything.

  2. Weren't the Italian govt recently derping about how they're going to legislate this that and the other ?

    • Ital gov aren't going to legislate by itselves, but will wait directives from the ecb that are coming, anyway banca d'italia is writing some warnings/analysis of its from a long time, another analysis will arrive at the end of this month, probably.

Leave a Reply to Mircea Popescu Cancel reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>