Winlockers Back on the Scene

A new strain of ransomware malware has just appeared. The most interesting thing about it is that the new threat locks up compromised devices without encrypting files.

The malicious threat was noted on a porn website which redirects users to an exploit kit that pushes the ransom locker malware.

According to the researchers who discovered it, this malware is the first of its kind which they had seen lately. The success of file-encrypting ransomware like CryptoLocker, CryptoWall, Locky has rendered earlier system locker malware unfashionable if not obsolete.

Unlike file-scrambling malware strains, ransom lockers can be normally be cleaned by using “rescue discs”.

The new strain of ransomware malware represents an advancement of ransom locker malware as it is using Tor to communicate to its command and control servers. The Windows nasty prevents users from booting in safe mode.

Malware experts state that the cyber criminals are testing the waters with a strain of malware that still in its early stages of development.

This new discovery is an advancement of ransom locker malware as it is using Tor to communicate to its CnC servers,” the researcher Paul Kimayong says. “By using Tor, the attacker adds a layer of anonymity while doing its malicious activity.”

Also, while the attacker got your machine kidnapped, they created a Tor hidden service that allows the attacker to utilise your system for bitcoin payments or other malicious activity,” Kimayong concluded.

Leave a Comment

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.