2012-05-16 - Evolution
Gimemo wants to play in the big league
German ransom page as of may 2012 (ukash / 100€) |
See Gimemo page on botnets.fr for more screenshots
want to reach the big league where Goldenbaks
The UK Ransom landing for "Goldenbaks" as of end of february 2012 |
US landing for "Reveton" as of may 2012 after switching from PaysafeCard to Moneypak |
Greece
Spain (sgae)
Italy (SIAE)
Portugal (SPAUTORES)
Belgium (SABAM)
SABAM Belgium (05/2012) |
Canada is here :
Canada page (16-05-2012) |
Sweden :
Sweden page (16/05/2012) |
to their Ransom Art. They have also double the Ransom amount (50 -> 100) and added the Ukash option for Germans.
German page February/Mars |
German page 25th of March till yesterday |
German page today (Ukash, 100€) |
We can expect that next step is adding Ukash for all the targetted countries where it's available and maybe adding specific redirection for Finland and US as Reveton is already doing.
For a technical description of Gimemo take a look at Ransomware Gets Professional, Targeting Switzerland, Germany And Austria (Abuse.ch) (note that the countries mentionned there were already targetted since beginning of march).
For malware hunter guys :
2645a5c76f191af0b33e4ad475004b31 -> partner3_2
84c4de6df97e2e7c70a1dec511a0d732 -> partner3_2
d1f3c1efbc75d4cdc53241d85cbb8caf -> partner3_2
7a298eddec2944d13ebb341fbd105bab -> unser4
0f87746a40610df632e00ed9359fc1ab -> partner4
03eefeabff651af449f1a639d00a435c -> unser4
c98493cd520c2a8a436f78570526dca7 --> partner3_2
Edit : Added Belgium, Sweden, Canada