ScammerLocker Ransomware

The ScammerLocker Ransomware is an encryption ransomware Trojan. These threats are designed to take the victim's files hostage, encrypting them with a good encryption algorithm and then asking for a ransom payment from the victim. It is crucial to take preventive steps to ensure that one can recover one's files after an attack involving the ScammerLocker Ransomware or the countless ransomware variants that are being used to carry out attacks against unsuspecting computer users currently.

Symptoms of a ScammerLocker Ransomware Attack

The ScammerLocker Ransomware has been linked to a group of con artists that are known as the 'Jodis Hunter Team,' and this name also may be used to reference this threat. The ScammerLocker Ransomware will use imagery associated with this group and other known tactics in its ransom note. The ScammerLocker Ransomware is one of the many variants of HiddenTear, an open source ransomware engine that has been active since 2015. The ScammerLocker Ransomware is one of the newest variants of HiddenTear, first appearing in March of 2018.

How the ScammerLocker Ransomware Carries out Its Attack

The ScammerLocker Ransomware is delivered to the victim through the use of corrupted spam email attachments. Once the ScammerLocker Ransomware has been installed on the victim's computer, the ScammerLocker Ransomware will use an encryption algorithm to make the victim's files inaccessible. The ScammerLocker Ransomware uses the AES 256 encryption to compromise the victim's files. The ScammerLocker Ransomware encrypts the files in a way that makes them easily identifiable because the ScammerLocker Ransomware will add the file extension '.jodis' to the end of each affected file's name. The following are examples of the files (among others) that may be compromisedby malware attacks similar to the ScammerLocker Ransomware's:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

The ScammerLocker Ransomware will deliver a ransom note, demanding the payment of a ransom from the victim, after the files' encryption. The ScammerLocker Ransomware's ransom note is contained in a text file named 'FILES_ENCRYPTED.txt' that is dropped on the infected computer's desktop. The ScammerLocker Ransomware also opens a program window with the name 'ScammerLocker.' Both of these versions contain the same ransom note message, which reads as follows:

'You my friend, have been caught. Don't bother installing AntiVirus.
Because You're fucked.
You can only decrypt your files with our decrypter, and a special key.
You must buy 10 IOTA and send it to [random characters]
[Click here for info on buying IOTA|HYPERLINK]
Or if you want to decrypt your files for free,
simply send an email to jodishunterteam@protonmail.com and then we can negotiate.
Good day, Jodis Hunter Team.'

Dealing with a ScammerLocker Ransomware Infection

Malware specialists advise computer users to avoid contacting the people associated with the ScammerLocker Ransomware attack since this may open you up to further threat attacks. It is especially necessary to avoid paying any ransoms linked to the ScammerLocker Ransomware. Apart from the fact that it is very unlikely that the con artists will help the victims recover their files, paying these ransoms allows these people to continue developing and creating new threats like the ScammerLocker Ransomware. Instead, the files should be backed up on a detachable memory device or the cloud, which allows a quick recovery after an attack like the ScammerLocker Ransomware.