AgeLocker Ransomware

AgeLocker Ransomware Description

The AgeLocker Ransomware is a high-end data-encrypting Trojan. Most of the file-lockers use basic encryption techniques, but this is not the case with the AgeLocker Ransomware. The AgeLocker Ransomware uses a new encryption service called ‘Age,’ which is an abbreviation of ‘Actually Good Encryption.’ The ‘Age’ encryption utility is a complex project developed by a Google employee, which was not created for any malicious purposes. However, just like with many other well-intended projects, the ‘Age’ utility has been hijacked by cybercriminals. Since the AgeLocker Ransomware uses the state-of-the-art ‘Age’ decryption utility, unlocking files encrypted by this file-locker is impossible, unless the authors of the threat opt to cooperate.

This Week In Malware Ep16 Pt1: AgeLocker Ransomware Using Google's 'Age' Encryption Tool on Victim Files

Instead of propagating the AgeLocker Ransomware via classic infection vectors such as phishing emails, malicious ads, fake application updates, torrent trackers, the creators of this nasty Trojan are deploying it manually on systems, which they have previously breached. Deploying threats manually always results in a low infection rate. However, this is not an issue for the AgeLocker Ransomware as the attackers have managed to compromise the networks of several businesses and other high-value targets.

When the AgeLocker Ransomware compromises a system, it will encrypt the targeted files and add a new extension to their names. For each victim, the AgeLocker Ransomware would generate a unique extension based on their initials. Most ransomware threats drop a file on the compromised system, which would contain the ransom message of the attackers. However, the AgeLocker Ransomware delivers the attackers’ ransom note via email. Each email would address the victim either by their company’s name or their personal name. The attacker’s ransom message includes a list of all the encrypted systems, files, and drives. The authors of the AgeLocker Ransomware demand to be paid 7 Bitcoin (approximately $65,000).

As we mentioned recovering the data for free is not yet possible. However, you can remove the AgeLocker Ransomware from your PC with the aid of a reputable, modern antivirus software suite.