Business Standard

New 'Locker' malware demands money to recover encrypted data

ANI Washington

Cyber criminals have reportedly developed a new form of 'Locker' malware, similar to CryptoLocker, that encrypts files on infected computers and asks victims for money to recover them, security researchers have revealed.

The new malware, dubbed PowerLocker, was likely inspired by the success of the CryptoLocker Trojan program, which has infected more than 250,000 computers since September.

According to PC World, PowerLocker also uses strong encryption that cannot be cracked to recover the files without paying, and is more sophisticated and potentially more dangerous because its developers reportedly intend to sell it to other cybercriminals.

The security research group Malware Must Die (MMD) found a post on an underground forum at the end of November in which a malware maker announced PowerLocker.

It was discovered that PowerLocker consists of a single file that is dropped in the Windows temporary folder. Once run on a computer for the first time, it begins encrypting all user files stored on local drives and network shares, except for executable and system files.

However, unlike CryptoLocker, PowerLocker disables the Windows and Escape keys and, after encryption, prevents a number of other useful utilities such as taskmgr.exe, regedit.exe, cmd.exe, explorer.exe and msconfig.exe from being used.

The researchers revealed that the developers plan to sell the malware for 100 dollars in Bitcoins per initial build and 25 dollars per rebuild, which is a very accessible price for cybercriminals, the report added.

First Published: Jan 07 2014 | 4:03 PM IST