ULocker Ransomware

ULocker Ransomware Description

ScreenshotUlocker is a family of ransomware Trojans that use fake messages from the police in order to scare inexperienced computer users into paying substantial fees. It is easy to differentiate malware in the Ulocker family from other ransomware Trojans because they use a characteristic image that includes a background that includes a large picture of a padlock. ESG security researchers strongly advise computer users to disregard the Ulocker message and to remove this threat from their computer. It is important to remember that ransomware Trojans in the Ulocker family have absolutely no connection with the police and are instead part of a well known online scam that criminals use to prey on inexperienced computer users.

Malware in the Ulocker Family Adapts to the Infected Computer's Geographical Location

ESG security researchers have observed that the Ulocker installation process is affected by the infected computer's geographical location. This has allowed the criminals behind the Ulocker infection to adapt their ransomware attack to computers in different countries, displaying threatening messages from the police in each country's language and referring to that country's main police force. This is done during installation. When the Ulocker Trojan is installed, Ulocker detects the victim's computer's geographical location by analyzing the gate and IP data. Once this is done, Ulocker connects to a remote server and downloads text corresponding to the country code gleaned from the data. This text is superimposed on Ulocker's characteristic picture of a padlock. There are numerous variants of the Ulocker family of ransomware Trojans, corresponding mostly to the largest countries in the European Union.

Ulocker uses a scam that is well known and not difficult to understand. Basically, Ulocker threatens computer users by claiming that their computers were involved in illegal activities such as distributing child pornography. Although the Ulocker message threatens the victim with jail time, Ulocker allegedly is part of a law enforcement operation that claims that the victim must pay a substantial fine if they wish to avoid prosecution. This ransom is typically paid using a money transfer service. Common money transfer services that criminals use to demand payment include MoneyPak (mostly for North America), PaySafeCard, and Ukash. This last money transfer service, in particular, is so widely used by many ransomware Trojans that these kinds of malware infections are often referred to as 'Ukash Virus' or 'Ukash Ransomware.'

Infected with ULocker Ransomware? Scan Your PC for Free

Download SpyHunter's Spyware Scanner
to Detect ULocker Ransomware
* SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 6 + 2 ?