Threat Database Ransomware REKTLocker Ransomware

REKTLocker Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 14
First Seen: August 10, 2016
Last Seen: August 5, 2022
OS(es) Affected: Windows

The REKTLocker Ransomware is an encryption ransomware threat that will blackmail computer users to force them to pay large amounts of money. The REKTLocker Ransomware reuses significant portions of code seen in other, similar threats. The REKTLocker Ransomware uses a common attack that involves entering a victim's computer and encrypting the victim's files. Once the REKTLocker Ransomware has encrypted the victim's files, it demands the payment of a ransom to provide the decryption key. The REKTLocker Ransomware preys on inexperienced computer users' propensity to not have backup copies of their files. By encrypting files that could be valuable work or school documents, important projects, or cherished pictures or videos potentially, the REKTLocker Ransomware forces computer users to pay large amounts of money to recover their content.

You Need to Protect Your PC Against the REKTLocker Ransomware and Similar Threats

The REKTLocker Ransomware is designed to alter the affected computer's settings to ensure that the REKTLocker Ransomware is both launched during Windows start-up automatically and that the REKTLocker Ransomware will also start up along with other software on the victim's computer. The REKTLocker Ransomware can be intercepted through the use of a security program that is fully up-to-date. You should follow common online safety recommendations such as avoiding opening unsolicited email messages. The REKTLocker Ransomware will work in the background to encrypt the victim's files using an RSA-2048 encryption algorithm. After the REKTLocker Ransomware has encrypted the victim's files successfully, then the REKTLocker Ransomware will display its ransom note and demand the payment of its ransom. The REKTLocker Ransomware delivers its ransom note in the form of a text file named 'Readme.txt' which is dropped on the victim's computer. The REKTLocker Ransomware identifies the files that have been encrypted by changing their extension to '.rekt,' which may be a play on words on the verb 'wrecked,' which is precisely what the REKTLocker Ransomware does to the files it encrypts. Once a file has been encrypted, it may become inaccessible, and completely useless without the decryption key. The following is the text of the REKTLocker Ransomware's ransom note:

'Your computer has been encrypted.
Send 1 BTC to 1NuLLtgCmigRb5mXeFgsGDFnVLypLC4a8Y or your files will be permanently encrypted.
other people’s keys will not work on your computer.
Do not think your antivirus will save you, it will not.'

In fact, the ransom note is accurate. The decryption key for the REKTLocker Ransomware is unique to each infection and, unfortunately, anti-virus software is not capable of decrypting the files that were affected, even if they remove the REKTLocker Ransomware infection itself.

Dealing with the REKTLocker Ransomware

The REKTLocker Ransomware's ransom of one BitCoin (approximately $600 USD) should not be paid. Although it may not be possible to decrypt files encrypted with the REKTLocker Ransomware currently, paying the REKTLocker Ransomware's ransom simply enables these people to continue creating these threats. Furthermore, there is no guarantee that the fraudsters responsible for the REKTLocker Ransomware will honor their promise and deliver the decryption key after you pay the ransom. They are equally likely to ignore you or demand an even higher ransom. The best way to deal with a the REKTLocker Ransomware infection is to recover your files from a backup. This is why keeping backup copies of all files on an external device is so important. If you can recover your files from a backup, then the con artists responsible for the REKTLocker Ransomware have no way of forcing you to pay the ransom. You will become invulnerable to the REKTLocker Ransomware and other encryption ransomware threats if you have a copy of your data.

Preventing the REKTLocker Ransomware infections involves a constant vigilance. The REKTLocker Ransomware may be distributed using corrupted email attachments. If you avoid opening email attachments contained in unsolicited email messages, it is likely that you will avoid these kinds of infections. Use a reliable anti-spam program to ensure that these emails do not appear in your email inbox in the first place.


Most Viewed