Researchers have a discovered a new ransomware called FilesLocker distributed as a Ransomware as a Service (RaaS)
Researchers have a discovered a new ransomware called FilesLocker distributed as a Ransomware as a Service (RaaS). The new ransomware first identified by researchers at MalwareHunterTeam targeting English and Chinese speaking users. Ransomware as a Service is where users can sign up and earn a percentage of the revenue share of all ransom payments. According to security researcher Neutral8✗9eR the ransomware is distributed through Chinese hacking and malware forum located on TOR. Users who signed up are offered 60% revenue share of all ransom payments and if they are able to drive enough traffic it can go up to 75%. The ransomware is written in C# and Encrypt files with RSA 2048+AES algorithm. The ransomware is capable of features such as tracking, customization and deleting all shadow volume copies. The ransomware encrypts the files and appends a .locked extension to the encrypted files. The targeted folders for encrypting are Desktop, Music, Document, Pictures etc. 
After the encryption process is complete it will display a screen showing details such as Bitcoin address for payment, unique victim ID and an email address. 
The ransomware also creates a ransom note named #解密我的文件#.txt and #DECRYPT MY FILES#.txt in the folders. The ransomware uses embedded public encryption key for encrypting files and private encryption key for decrypting the files which is only known to the developer so at this there is no way to decrypt the files for free. For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin and Twitter.
You may be interested in reading:Critical Flaw in Branch.io Affects Around 685 Million Users