
Researchers Find Three New Ransomware Strains: CryptFile2, BrLock and MM Locker


Batu69


Threats are simplistic but nevertheless dangerous


MM Locker ransom note

Security researchers from Proofpoint announced yesterday that they had discovered three new ransomware families, called CryptFile2, BrLock, and MM Locker.

These three new ransomware variants are part of a growing global trend that has seen ransomware explode in the past few months, with an ever-growing number of new families discovered each month.

CryptFile2

CryptFile2 appeared in the middle of March 2016, and Proofpoint says that crooks employed the Neutrino and Nuclear exploit kits to deliver the malware to their victims.

The ransomware is very simplistic at this point and doesn't use a payment or decryption service. In order to recover their files, users have to contact the ransomware's creator via email and negotiate a decryption price.

Researchers say that, based on the ransomware's RSA-2048 encryption implementation, this might be another clone of the CryptoBoss ransomware.

BrLock

The second piece of ransomware researchers discovered is named BrLock. It was seen for the first time ten days ago, on April 18, and has only targeted Russian users until now.

The ransomware authors didn't even bother to display the ransom note in an international currency, asking for 1,000 rubles ($15) from the get-go. This small ransom price is also indicative of its geo-targeting, since Russians usually won't pay, or don't have the financial resources to pay, ransom demands of $100-$400 as victims in Western countries do.

Luckily for them, this is only "screen locker" ransomware, and not crypto-ransomware, meaning it does not encrypt any files, and once you've found a way to remove the lock screen, you can continue using your computer.

MM Locker

This ransomware was discovered in early March, uses encryption to lock the users' files, and appends the ".locked" extension to all encrypted files.

MM Locker's particularity is its ransom note, which is quite lengthy and in which the ransomware's operator tries to convince the victim to pay, quasi-begging.

Article source
