

TechAmok, a ggmania.com subsite

Is Your Network Infected With Sleeper Ransomware? - [security]
02:37 PM EDT - May 30, 2015

It's called Locker. It had been infecting employees' workstations and sitting there silently until midnight on May 25, 2015, when it woke up and started to wreak havoc in a massive way. BleepingComputer has a support topic that is 14 pages long, and they received hundreds of emails from consultants all over the world. Based on their experience with cryptoware, they stated that this strain has a large "installed" base, which does not bode well. Topics related to this new strain are suddenly being posted on all the major support boards, AV forums, etc. It appears we have a new player in Ransomware City, and this looks like an 800-pound gorilla very similar to CryptoLocker. At the moment, it looks like the infection vector is exploit kits, but there are rumors of a compromised Minecraft installer. Here is what it does:

- A series of Windows services are used to install Locker on the computer and encrypt data files.
- During the install process, Locker checks whether the computer is a virtual machine and terminates if one is detected.
- Encrypts data files with RSA encryption and does not change the file extension. After the encryption, it deletes your C:\ shadow volume copies and displays its ransom interface.
- If your backups failed and you are forced to pay the ransom, once payment has been confirmed the ransomware will download the private key and automatically decrypt your files.

The following file types are encrypted: .doc, .docx, .xlsx, .ppt, .wmdb, .ai, .jpg, .psd, .nef, .odf, .raw, .pem, .rtf, .raf, .dbf, .header, .odb. Again, Locker does not change the file extension, so your users will get error messages from their applications saying that the file is corrupted. As you can see in the screenshot, it has a scary message in red at the bottom of the screen stating: "Warning any attempt to remove damage or even investigate the Locker software will lead to immediate destruction of your private key on our server!" This is just to force you into paying, not something to be too worried about.
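Because the extension stays the same, a file share cannot be triaged by name; the content has to be checked. The script below is an added example, not part of the original article or any vendor tool: it compares each file's leading bytes with the standard signature for its extension and uses byte entropy to separate likely-encrypted files from merely renamed ones. The function names, the 4096-byte sample and the 7.0 bits/byte threshold are assumptions chosen for illustration.

```python
import hashlib, math, os, tempfile
from collections import Counter

# Leading signatures for the listed extensions that have a fixed header.
OLE2, ZIP = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", b"PK\x03\x04"
MAGIC = {
    ".doc": (OLE2,), ".ppt": (OLE2,), ".docx": (ZIP,), ".xlsx": (ZIP,),
    ".odf": (ZIP,), ".odb": (ZIP,), ".jpg": (b"\xff\xd8\xff",),
    ".psd": (b"8BPS",), ".rtf": (b"{\\rtf",), ".pem": (b"-----BEGIN",),
    ".ai": (b"%PDF", b"%!PS"), ".nef": (b"II*\x00", b"MM\x00*"),
    ".raf": (b"FUJIFILMCCD-RAW",),
}

def entropy(data):
    """Shannon entropy in bits per byte; 8.0 means uniformly random."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def classify(path, sample=4096, threshold=7.0):
    """Return 'skipped' (type not checked), 'ok', 'mismatch' or 'suspect'."""
    sigs = MAGIC.get(os.path.splitext(path)[1].lower())
    if sigs is None:
        return "skipped"
    try:
        with open(path, "rb") as fh:
            head = fh.read(sample)
    except OSError:
        return "skipped"  # unreadable or locked file
    if head.startswith(sigs):
        return "ok"
    # Wrong header: near-random bytes suggest encryption, otherwise renamed/damaged.
    return "suspect" if entropy(head) >= threshold else "mismatch"

def scan(root):
    """Return {path: verdict} for files whose header does not fit the extension."""
    paths = (os.path.join(d, n) for d, _s, names in os.walk(root) for n in names)
    verdicts = {p: classify(p) for p in paths}
    return {p: v for p, v in verdicts.items() if v in ("mismatch", "suspect")}

def demo():
    # Constructed sample files; blob is deterministic pseudo-random filler.
    blob = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    files = {"good.jpg": b"\xff\xd8\xff\xe0" + blob, "locked.docx": blob,
             "renamed.doc": b"{\\rtf1 plain text}", "notes.txt": blob}
    with tempfile.TemporaryDirectory() as root:
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return {os.path.basename(p): v for p, v in scan(root).items()}
```

Files of only a few hundred bytes cannot reach the entropy threshold and are reported as `mismatch` rather than `suspect`. The listed types .wmdb, .raw, .dbf and .header have no signature in this table and are skipped.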
