Threat Database Ransomware LockLock Ransomware

LockLock Ransomware

By GoldSparrow in Ransomware

The LockLock Ransomware is a new ransomware Trojan. The LockLock Ransomware seems to be targeting victims with IP addresses located in China currently. The LockLock Ransomware uses an AES-256 algorithm to encrypt the victim's files. During its attack, the LockLock Ransomware changes the affected files' extension to '.the LockLock,' making it easy to note which files have been affected by the LockLock Ransomware attack. The victim is instructed to either contact the con artists through Skype by communicating with the Skype address 'the LockLockrs,' or send an email to LockLockrs@aol.com. The LockLock Ransomware's ransom note is named 'READ_ME.TXT,' which includes the information to contact the people responsible for the attack. The LockLock Ransomware is a variant of the well-known EDA2 ransomware Trojan, an open source ransomware Trojan that was made available to the public. Apart from the ransom note, the LockLock Ransomware also will change the infected computer's Desktop background. The LockLock Ransomware's developer has advertised an alternate version of this threat on YouTube.

The Family of the LockLock Ransomware doesn’t Stop Growing!

The LockLock Ransomware is based on EDA2, a well-known open source ransomware engine that was created for educational purposes originally. In fact, the creation of ransomware for educational purposes has been proven a complete fiasco time and time again, since con artists will simply take these educational creations and repurpose them for use in their own attacks. Since EDA2 variants are now available readily, it is not uncommon for con artists to recycle large portions of code to create threats like the LockLock Ransomware quickly and reliably. There are countless variants of EDA2 currently active today, with the LockLock Ransomware being one of the most recent additions to this family. The LockLock Ransomware attack is typical of these threats. The LockLock Ransomware enters the victim's machine through covert means, scanning it for certain file types, and then encrypting these files using the AES-256 encryption algorithm.

Dealing with a LockLock Ransomware Infection

Unfortunately, the files encrypted by the LockLock Ransomware are almost impossible to decrypt without access to the decryption key. Most victims have only the option of contacting the threat creators to regain access to their files. However, the con artists associated with the LockLock Ransomware demand large amounts of money to help victims recover from the LockLock Ransomware infection and may even send the victim a useless decryption key, infect the victim's computer with additional threats, or simply ignore the victim's request. Because of this, PC security analysts strongly advise that computer users refrain from paying for the con artists' assistance. If possible, the LockLock Ransomware should be removed with the help of a reliable, fully updated malware remover and the files that were compromised by the LockLock Ransomware should be replaced from backup copies. In fact, having a strong backup method is the best prevention tactic for the LockLock Ransomware and other ransomware infections. If the extortionists cannot threaten victims by encrypting their files, since the victim would simply be able to recover the files from the back-up, then the entire LockLock Ransomware attack becomes completely ineffective.

Preventing the LockLock Ransomware Attacks

Although it is unknown exactly how the LockLock Ransomware spreads currently, the most common infection method for these ransomware Trojans is the use of corrupted email attachments. The con artists will attach corrupted files or include unsafe links in spam email messages. These messages may be designed to have a legitimate appearance, and sent by a bank, hotel, airline, shipping company, or other company that would be trustworthy normally. A reliable security program capable of detecting and intercepting these attacks is essential to prevent the LockLock Ransomware infections. This should be coupled with other forms of preventive security, which may include an anti-spam filter that would prevent these messages from entering the victim's email inbox in the first place, and exercising caution when opening any files or content accessed online.

Trending

Most Viewed

Loading...