Brace Your PC for PowerLocker, a New & Improved File-Encrypting Ransomware in the Works

Computer MalwareMove over, Cryptolocker. Security group Malware Must Die (MMD) reports that cybercrooks are developing a new and more advanced ransomware that may prove to be an even bigger threat.

The new ransomware, referred to as PrisonLocker and PowerLocker will encrypt all files on the hard-drive – with the exception for system files & exe’s – and hold them hostage until the victim pays a fee or restores them from backup.

Files are said to be encrypted using the Blowfish algorithm. The unique keys generated for each file are then encrypted with RSA-2048, making the encryption “practically uncrackable.” Unbreakable encryption is what makes Cryptolocker’s ongoing reign of terror so successful – users have to pay to get their files back if they didn’t have a solid backup solution in place prior to their system getting infected. That being said, it’s not much of a surprise that Cryptolocker is believed to be inspiration behind PowerLocker.

Although they share the same extortion method, PowerLocker has the potential to deal more damage since its author intends on selling it to other cybercriminals as a DYI ransomware kit instead of keeping it to themselves.

Cybercriminals that buy it will be able to customize it to their liking by setting preferences such as the amount of time before the threat uninstalls itself or amount of money demanded from victims.

Other functionality said to be built into PowerLocker include the ability to disable Task Manager, Terminal, Registry Editor, and other Windows utility features. PowerLocker creates a second desktop to display the ransom window to the user and prevents them from being able to use Alt+Tab, the Windows key or Escape. Any efforts to analyze the ransomware will prove difficult as it is configured to avoid basic VM and debugger environments.

MMD researchers have been monitoring PowerLocker’s development since November of last year and have even managed to scrap some details that possibly point to the ransomware’s creator. They have urged law enforcement to step up and launch an investigation.

Don’t wait ’til PowerLocker is released into the wild, backup your data now!

In the meantime, it would wise for computer users everywhere to brace their computers for future malware attacks that may infect their machines with PowerLocker if/when it is released.

If PowerLocker’s debut is anything like Cryptolocker’s, backing up your data and watching what you download or open on your computer is the best line of defense. Antivirus detection was limited at best and often times the ransomware wasn’t detected until after files had already been encrypted. Just make sure your backups are not stored on the same computer or network, otherwise they could also be encrypted upon infection. 

Need Help Setting Up a Data Backup Solution?

We offer reliable data backup solutions. Contact us if you need help selecting, configuring or scheduling automated backups.

Like this post? Follow us online by liking us on Facebook, following us on Twitter (@sdpcfix), or circling us on Google+.