Inlock Ransomware

When the Inlock Ransomware threat infiltrates a computer, it will activate a strong encryption process that will leave victims unable to access most of the data stored on the device. Documents, images, PDFs, photos, archives, databases, and many other file types can be locked and marked with the '.inlock' extension. Typically, ransomware operations are financially motivated, with the goal of the attackers being the extortion of money from the impacted individual users or corporate entities.

As part of its intrusive actions, the Unlock Ransomware will drop a text file named 'READ_IT.txt' and change the current desktop background with a new one. Despite the name of the text file being in English, the ransom-demanding message is written entirely in Spanish. It instructs Inlock Ransomware's victims to contact the cybercriminals to negotiate the size of the ransom they will have to pay.

However, the Inlock Ransomware's note doesn't contain any information on how exactly to establish communication with the hackers, turning the threat into a wiper with few options to recover the locked files. In most cases where ransomware threats do not mention any contact information, it signals that the threat is currently being tested or is still being developed.

The full text of Inlock Ransomware's note is:

'¡¡¡TU EQUIPO HA SIDO CIFRADO!!!
Lo sentimos mucho, pero has sido objectivo de un ciberataque.
Todos tus datos personales han sido cifrados. Ponte encontacto conmigo para negociar el rescate.
Una vez me llegue el pago, te haré llegar la herramienta encargada de descifrar todos los ficheros.
Espero que no tengas nada de gran valor 😉

El siguiente código no lo pierdas o no podrás recuperar nunca más tus datos:'