Ransomware removal reporters found a new cyber threat lurking in the shadows. After the initial analysis, the virus was classified as ransomware. The ransomware that goes by the name of ‘ Xlockr Ransomware’ was discovered on the internet, coercing its victim into a payment of $100 for ransomware removal and decryption. So far, the ransomware has not been categorized as belonging to any known ransomware family due to its newness and thus cybersecurity professionals are analyzing it to gain further insights.
The ransomware was first reported on 27 July 2018. Ransomware removal experts have associated high-level risk with the ransomware and have found it mainly attacks machines running the Windows operating system. This particular ransomware infiltrates computer systems stealthily and upon entering will work to dismantle the system’s security tools.
Subsequently, the ransomware spreads its viruses to different components of the computer and adds malicious code into the Windows registry’s entries. This is done so users cannot attempt any ransomware removal procedure by restarting their PCs. The ransomware uses the well-known cryptographic algorithm Advanced Encryption Standard 256-bit for blocking access to users’ files. Like other ransomware, Xlockr will proceed to demand a hefty ransom for the return of data.
Victims will find their files to be infected with Xlockr Ransomware when the customized icons will be converted to blank icons. Moreover, an extension of ‘.xlockr’ is added to the infected files. A ransom note with the name of ‘Uninstall’ is added to the system that announces the encryption of the files. The note states that most of the important files of the users have been encrypted and they cannot be retrieved or accessed without the use of a decryption key.
The note then proceeds to guarantee ransomware removal and recovery securely in exchange for money. A time frame of 3 days is provided for the payment. After the deadline, a $1 per minute rise in the ransom amount is threatened as a punishment.