A new ransomware dubbed as “Locker” has made its apparition and is very similar to Cryptolocker, the first successful modern form of ransomware that was released in late 2013. Ransomware encrypts all the files on the devices it infects and demands a ransom payment in exchange for the decryption key to give the content back to the original owner. Locker is a “sleeper” strain of malware, meaning that victims may have unintentionally downloaded it earlier, but that their devices were not encrypted until the ransomware was activated earlier this week. Hundreds of reported Locker victims across the world have already been identified. As per security researchers, the ransomware could have originated in a compromised MineCraft installer. Once Locker encrypts an infected device’s files, it issues a warning against users and IT professionals who might try to find another way around paying the ransom: “Warning any attempt to remove damage or even investigate the Locker software will lead to immediate destruction of your private key on our server!” the notice reads.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street