New ransomware, more insidious than CryptoLocker, to go on marketJanuary 7, 2014 – 4:46 PM
Researchers warn that a new threat, using harder-to-crack encryption methods than comparable ransomware, may hit the black market soon.
The malware, which locks users out of their computer until they pay a ransom, is being called Prison Locker and Power Locker on underground forums, according to a Friday blog post at Malware Must Die.
According to researchers for the blog, a user in an underground forum who goes by the online alias “Gyx,” first announced he was working on the ransomware on Nov. 20.
Gyx later tested the waters again on Dec. 7th (see screenshot), alerting potential buyers that “substantial progress” had been made in the malware’s development.
When a user is infected with Prison Locker, the locker module of the malware opens a new display window and disables Windows and the users’ escape key. Other Windows processes, like taskmgr.exe and cmd.exe, are also disabled, making a Ctrl+Alt+Del out of the window impossible, screencaps from the underground forum showed.
The malware author also designed Prison Locker to accept payments from victims via Bitcoin, or through online payment systems like uKash and Paysafe (though those options could change or expand before the ransomware’s release).