Latest Alarming Ransomware Development
DIY Ransomware – New Threat
White-hat security research workgroup MalwareMustDie has been following discussions on underground crime forums regarding a new piece of ransomware currently being developed, which will apparently be put on sale for as little as $100.
The developer of the malware has dubbed his creation Prison Locker and later changed the name to Power Locker, and has been sharing his progress and details about the malware’s capabilities in order to drum up interest.–net-security.org
What makes PowerLocker particularly troubling isn’t this “unbreakable encryption.” CryptoLocker does the same thing, after all. There’s no getting your files back without the private key the criminals supply after you cough up the ransom. No, it’s the fact that someone is actively selling a DIY kit that mimics CryptoLocker’s functionality for a ridiculously low price.–geek.com
PowerLocker goes further than Cryptolocker
…PowerLocker goes even further. Once the encryption stage is done, it disables the Windows and Escape keys and prevents a number of other useful utilities like taskmgr.exe, regedit.exe, cmd.exe, explorer.exe and msconfig.exe from being used.
It then uses the functionality in Windows to create a secondary desktop and displays the ransom message there. The malware checks every few milliseconds to see whether the new desktop is the active one and prevents users from switching away from it, making the Alt+Tab keyboard shortcut and applications running on the primary desktop irrelevant.
– See more at: InfoWorld.com
Note to PC Matic users: Because PC Matic’s security, called Super Shield, uses a white list and a black list, you are protected from ransomware, but you have to make sure Super Shield is properly enabled.
Video: Step by step instructions for how to install and enable Super Shield.