Ransomware attacks are the most recent cyber scams found on the Web. This set of malware affect the Windows computer systems and encrypts your files using public-key encryption, and this encryption key remains on the hacker’s server. Hackers then demand for a ransom against this encryption key.
IntelCrawler, the security company has discovered a new ransomware Locker which demands a ransom of $150 for restoring files. The newly discovered malware although seems similar to Cryptolocker but IntelCrawler suggests that it is potentially breakable. CryptoLocker racked up thousands of systems this year by raising the ransom demands.
Locker is a particularly nasty malware variant and the infected users are in danger of losing their important data forever. The malware deletes the original files from the system replacing them with the encrypted files that can only be decrypted by a special decryption key. Infected users can get the decryption key once the ransom is paid.
It leaves the encrypted files with a “.perfect” extension and also leaves a contact.txt file in each directory of the system which contains the contact details of the hacker and ransom demand against the decryption key to unlock the files.
The text file says that the infected users have to pay a ransom of $150 to get the key for unscrambling the encrypted files. The contact.txt file also threatens the infected user that they won’t get the decryption key if they harass the malware author.
IntelCrawler chief executive AndryeKomarov said,
“We have found a decryption method and universal strings [keys] for decryption on any infected client”.
The nasty software usually spreads through drive-by downloads from compromised websites or via trapped files disguised as MP3 files.
This post on how to prevent Ransomware will suggest steps to take to stay protected and offer links to ransomware removal tools.