PowerLocker: A Newer, Smarter Ransomware Inspired Cryptolocker’s Success.

Powerlocker VirusCriminal malware developers have created a new ransomware program called PowerLocker.  PowerLocker is used to encrypt files on infected computers so cybercriminals can demand ransom fees from victims to recover the files. The new ransomware appears to be inspired by the success of Cryptolocker, a program that’s infected more than 250,000 computers since September 2013.

Similar to Cryptolocker, PowerLocker uses strong encryption to prevent the user from recovering stolen files. If your computer is infected, you must pay the ransom fee to retrieve the files. Your only salvation will be if you’ve performed a recent file backup. If you haven’t, you’ll forfeit that data unless you pay the ransom.

According to security researchers, PowerLocker is more dangerous than Cryptolocker because its developers plan on selling it to other cybercriminals.

The malware’s main developer released a progress repost that reveals PowerLocker consists of a single file that’s placed in the Windows temporary folder.

  • Once the file infects a computer, it encrypts all the files stored on network shares and local drives.
  • The files are encrypted using the Blowfish algorithm and a unique key.
  • The keys are then encrypted with a 2048-bit RSA key.
  • The victim will be sent the public keys, but the corresponding private keys are needed to decrypt the Blowfish keys.

Does this sound familiar? Cryptolocker’s encryption process is very similar.  The difference is that PowerLocker disables the Windows and Escape keys after encryption.  Then it creates a secondary desktop to display the ransom message. PowerLocker prevents the victim from switching away from the secondary desktop, disabling the Alt+Tab keyboard shortcut.

In addition, PowerLocker detects whether the computer is running virtual machines, debugging environments, or sandboxes, in order to prevent security researchers from using tools to analyze it.

How to Mitigate the Damage PowerLocker Can Cause

The following are two ways to keep your data safe:

1.     Update Your Applications

Most malware is spread through exploits in vulnerabilities in software programs like Flash Player and Java. Keep your applications up to date to prevent ransomware and malware infections.

2.     Backup Your Data

If your computer is infected, you have two options: recover your files from a recent backup or pay the ransom fee. The take-home message here: Backup your data regularly.

To learn more about PowerLocker and how to keep your data safe, give us a call at (239) 676-6679 or send us an email at info@pulsebizsolutions.com. Pulse Business Solutions can help you stay up to date on the latest ransomware and security threats.

Yes! I'm looking for the best IT services to support my business
Clients Feedback

After switching to Pulse, we were pleased to know that our IT service bills were consistent and fixed fee each month. This part was huge because finally we could plan and budget for our IT service expenses. We also appreciated the fact that Pulse would dispatch experienced technicians based on the issue at hand resulting in faster resolution of problems that arose. One of the most valuable parts of working with Pulse is that I know there will be a quick and appropriate resolution to any issue that we experience. This process gives me peace of mind because like most small businesses, we need quick and efficient responses to any and every system issue we may face. Pulse’s consistency and dependability in service is unparalleled to providers we’ve had in the past.

Consistent and Dependable
-Non-Profit Organization
Fort Myers, FL
read more»