• Tag Archives Prison Locker Virus
  • Prison Locker Virus Upcoming in 2014

    Ransomware is one of the most blatant and obvious criminal’s money making schemes out there. Ransomware malware was mostly known by the people when Cryptolocker comes into play. At the time when readers were getting aware of ransomware, Cryptolocker threat had touched the peak and other money motivated cyber criminals have started developing their own Cryptolocker versions.

    Two hackers going by the name of ‘gyx’ and ‘Porphyry’ (admin of maldev.net hacking forum) are advertizing a new ramsomware malware tool-kit called “Prison Locker” on various hacking forums with tutorials.

    They have developed the Prison Locker a.k.a Power Locker ramsomware toolkit in C/C++ programming language, proving a GUI version with customizable features for customers.

    The Ransomware is using BlowFish encryption to encrypt all available files on the victim’s hard disk and shared drives except .exe, .dll, .sys, other system files.

    During encryption it will generate unique BlowFish key for each file and then encrypts the keys further with RSA-2048 encryption and will send victim’s system information back to the command-and-control center of the attacker.

    As the developer mention in a Pastebin post, the Command-and-control center allows an attacker to set the ramsomware warning time duration, ransom amount, payment mode and also allow decrypting the files on the victim system after payment received.

    The addition features added to Prison Locker:

    • The malware is able to detect Virtual Machine, Sandbox mode, and debugging environments.
    • It Will disable Windows key & Escape key to prevent unwanted user actions.
    • Malware can startup in both regular boot mode and safe boot under HKCU.
    • Kills taskmgr, regedit, cmd, explorer, and msconfig. processes to prevent unwanted user actions.

    If you get infected with this virus call Computer Repair Services at 754-234-5598

    www.ccrepairservices.com