A new Ransomware which was discovered by security researchers, is capable of encrypting files in Windows, Linux and MacOS Appliances. PureLocker Ransomware is used by malicious agents to perform attacks on business networks and servers.
The ransomware is written in the PureBasic programming language and can affect Windows, Linux, and OS-X systems.
PureLocker Ransomware is mainly aimed at Windows and Linux infrastructures and attackers use various escape techniques to prevent detection and ransomware detection for several months.
Once a system is infected, the malware code begins to check to make sure the file was executed as expected by its creators and the malware is removed if any of these tests fail.
Once the malware executes its payload, it then deletes itself and using techniques to cover its traces leaves no evidence of suspicion.
After completing the process encryption, ransomware adds the ".CR1" extension to each encrypted file and deletes the original to prevent recovery.
The ransomware then displays a ransom message on the user's desktop, called YOUR_FILES (.) Txt.
The message does not provide payment information and simply asks the user to contact the hackers via email. They use the anonymous and encrypted Proton email service for this purpose.
You can find out more about PureLocker ransomware here.
How useful was this post?
Average rating / 5. Vote count:
No votes so far! Be the first to rate this post.