Ransomware operators are extremely persistent. Amid the increasing prevalence of cryptomining malware, they are trying to hold their ground by releasing new strains every other day. Ransomware removal experts, therefore, stumble upon new cryptovirological strains quite often. In the latest such discovery, they have found an encrypting malware that goes by the name Seed Locker ransomware.
It Might Be an Everbe Variant
Besides developing cryptovirological scripts from scratch, ransomware operators often upgrade existing ones and release them into cyberspace. Researchers are of the opinion that Seed Locker might also be a variant of an existing cryptovirological strain called Everbe ransomware. The similarities between the ransom notes of the two are the major reason why experts consider Seed Locker an offshoot of Everbe.
Ransomware removal experts are still trying to identify the encryption module used in Seed Locker ransomware. If it is the latest variant of Everbe, there is a strong chance that it also uses AES. The Advanced Encryption Standard is the most popular encryption tool among cryptovirological operators. Every second ransomware has an AES encryption module at its foundation.
Ransom Amount Is Not Given
Seed Locker operators are using phishing emails to spread the infection. When the targeted user clicks on the executable file attached to the email, the cryptovirological payload starts unpacking on the device. When the encryption ends, the extension ‘seed’ is appended to every encrypted file and a ransom note appears as a text file in every folder.
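The two on-disk indicators described above (the ‘seed’ extension and a text note repeated in every folder) can be checked during triage. The following is an added example, not part of the original article or any vendor tool: it counts `.seed` files per folder and flags any text file whose identical content appears in every affected folder. The leading dot on the extension, the note size cap, the identical-content heuristic and the sample tree are assumptions made for illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

ENCRYPTED_EXT = ".seed"     # assumed form of the 'seed' extension from the article
NOTE_EXT = ".txt"           # the note is "a text file"; its name is not given
MAX_NOTE_BYTES = 64 * 1024  # assumed cap: ransom notes are small

def triage(root):
    """Return ({folder: count of .seed files}, {sha256: folders}) for root."""
    hit_dirs = {}
    txt_by_hash = defaultdict(set)
    for folder, _subdirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            lower = name.lower()
            if lower.endswith(ENCRYPTED_EXT):
                hit_dirs[folder] = hit_dirs.get(folder, 0) + 1
            elif lower.endswith(NOTE_EXT):
                try:
                    if os.path.getsize(path) > MAX_NOTE_BYTES:
                        continue
                    with open(path, "rb") as fh:
                        digest = hashlib.sha256(fh.read()).hexdigest()
                except OSError:
                    continue  # unreadable file: skip it, keep scanning
                txt_by_hash[digest].add(folder)
    # Candidate note: identical text present in every folder holding .seed files.
    notes = {h: dirs for h, dirs in txt_by_hash.items()
             if hit_dirs and set(hit_dirs) <= dirs}
    return hit_dirs, notes

def build_sample(root):
    """Constructed sample tree: two affected folders and one clean folder."""
    note = b"constructed note text"
    for rel, data in [("docs/report.docx.seed", b"x"), ("docs/NOTE.txt", note),
                      ("pics/a.jpg.seed", b"y"), ("pics/b.png.seed", b"z"),
                      ("pics/NOTE.txt", note), ("clean/readme.txt", b"other")]:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(triage(tmp))
```

A file extension and a repeated text file are weak signals on their own, so treat the output as a list of folders to examine rather than as confirmation of infection.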
Seed Locker operators haven’t specified the extortion amount they are demanding in exchange for the decrypter. They ask the affected users to correspond over the email address provided in the note. Moreover, they offer to decrypt up to three files for free if the victims send them over. Such offers are made to prove that the attackers own a legitimate decrypter that can unlock all the files. In some cases, rookie operators don’t have the right decryption. They are just bluffing the affected users to get the ransom.
It is important to mention here that the attackers haven’t used the word ‘encrypted’ in the note. They reassure the victims that their files are not damaged or lost and that they can get them back after the payment of the ransom.
Experienced ransomware removal experts have the expertise to come up with decryption for many AES-based lockdowns. So, if you are hit by Seed Locker ransomware, it is better to go for a professional solution than to resort to the extortion payment.