Threat Database Ransomware C0hen Locker Ransomware

C0hen Locker Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 1
First Seen: November 14, 2016
Last Seen: January 8, 2020
OS(es) Affected: Windows

The C0hen Locker Ransomware is a file-locker that was first seen in action in December 2019. This threat is able to encrypt a wide variety of file formats, and, as expected, its purpose is to extort its victims for money. Whenever the C0hen Locker Ransomware infiltrates a computer, it will display a ransom message, which urges the victims to follow certain instructions if they want to get their files back. According to the message that the C0hen Locker Ransomware spawns, the victims have to pay a ransom amount of 0.15 Bitcoin, and then contact the discord user 'c0hen#7722' to receive the decryption tool. The usage of a Discord profile for communication shows that the C0hen Locker Ransomware is a low-quality project, and it would not be a surprise if the authors have no idea how to recover the files of their victims. Victims of the C0hen Locker Ransomware should not agree to cooperate with the cybercriminal behind the attack.

The symptoms of the C0hen Locker Ransomware's attack are easy to recognize – the locked files are marked with the '.c0hen' extension. Furthermore, the threat will spawn a new window, which contains a message from the perpetrators. The window is titled 'c0hen@admin', and it contains the instructions mentioned above.

Currently, the only reliable way to counter the C0hen Locker Ransomware's attack is to remove the threat with the use of an up-to-date PC security product, and then restore the damaged files from a backup. If you are not in possession of a backup copy of your files, then you may need to use alternative file recovery options.


Most Viewed