Locket Ransomware
The Locket Ransomware is a screen locker threat. Trojans like the Locket Ransomware are designed to block access to the victim's computer, and then, to restore access to the affected PC demands payment from the victim. The Locket Ransomware seems to try to impersonate CryptoLocker, a high-profile ransomware Trojan.
Table of Contents
Take this Locket out of Your Neck
Malware analysts first observed the Locket Ransomware infections on November 21, 2017. It is clear that the people responsible for the Locket Ransomware have limited skills and resources. The Locket Ransomware seems to impersonate CryptoLocker, which declined in popularity and nearly disappeared in 2016 and is one of the encryption ransomware Trojans carrying out attacks in the wild several years before the appearance of the Locket Ransomware. Despite any misleading information in the Locket Ransomware's ransom note and approach, the Locket Ransomware does not have the capacity of encrypting the victims' data or to carrying out any of the other attack methods used by more sophisticated threats. The Locket Ransomware leaves the victim's files untouched, and merely prevents access to the affected computer by displaying an intrusive full-screen lock screen.
The Locket Ransomware’s Ransom Demands
The Locket Ransomware attack is simple to understand; the Locket Ransomware demands a ransom payment of 0.1424 Bitcoin from the victim (nearly 1,500 USD) supposedly to restore access to the affected files. The Locket Ransomware delivers a ransom note in the form of a program window that has the title 'Locket Ransomware – 1.0' to demand its ransom payment. The full text of the Locket Ransomware lock screen reads:
'Your PC has been locked by the Locket Ransomware!
Info
Access to your PC has been blocked. This means that you wont be able to access your local files. which include Documents. Videos. Music. etc... You also cant use your installed programs! In order to unlock your compiler, youll need a password. In order to get it, a payment of 0.1424 Sitcom is required
The password is unique for your PC III
F.A.Q. It's possible to make the payment via Bitcon. the most reliable anonymous payment form. Don't you have a Bitcoin address ? Creating it is very simple. and money can be easily transfered from a Credit Card/PayPal. If the payment won't be received within the time-limit. all your files will be deleted. And there's no way to recover them.
Click on "Pay now" to get your password. Any attempt to damage this software will lead to an immediate destruction of your files.
[Type password|BUTTON] [Back|BUTTON] [Pay now|BUTTON]'
The Locket Ransomware's demands should be ignored and the instructions in the Locket Ransomware program window not followed. The Locket Ransomware's code has an unlock code hard-coded into it, which makes it simple for most computer users to restore access to the infected computer. The Locket Ransomware's lock screen can be removed by entering the password 'ul62bfqSA' in a dialog provided in the Locket Ransomware window. However, it is likely that the people responsible for the Locket Ransomware will release an updated version of this threat that no longer works with this password. Fortunately, since the Locket Ransomware does not encrypt the victims' files, it is not difficult to bypass the Locket Ransomware lock screen and gain access to the infected computer.
Dealing with the Locket Ransomware Trojan
In cases where the password no longer works, computer users can bypass the Locket Ransomware lock screen by using an alternate start-up method when logging into Windows. Starting Windows in Safe Mode can prevent the Locket Ransomware from loading its lock screen. Computer users also can boot their computers from a different device. Once access has been restored to the infected computer, a security program that is fully up-to-date can be used to remove the Locket Ransomware infection itself.
