What is [LOCKED] exactly?
Michael Gillespie discovered ransomware [LOCKED]. This malicious program encrypts files on a computer to prevent access. Victims are advised to purchase a decryption program to decrypt the files. [LOCKED] is a similar program to other programs. It renames encrypted files by adding the ” (LOCKED)” string. So, 1.jpg becomes 1.jpg [LOCKED]. You can find instructions on how to unlock files in the text file ” UNLOCK INSSTRUCTIONS.txt“.
“UNLOCK INSTRUCTIONS.txt”, a ransom message, is available in many languages. It states that you can ignore it if the [LOCKED] program, which is used for decryption, has not started. It is recommended that victims restart their computers to stop them from starting. If the program does not start, victims should restart their computers and disable any anti-virus suites. This website provides information on how to download, launch and pay for a new copy of the decryption software. According to the message, decryption costs 0.00480337 Bitcoins. This is approximately $38.99 at the time of writing. You must pay using cryptocurrency by sending money to the address provided (Bitcoin wallet). Although victims can send “support queries” to [LOCKED] developers this will increase the cost for a decryption code by 50%. The key is supposed to be available on this website once payment has been made. The key can be used to decrypt files. To do this, you will need to enter it into the program. These cybercriminals are not to be trusted or paid, despite this information. Ransomware developers rarely provide keys or decryption tools, regardless of payment. In these cases, the best solution is to restore files from a backup. Ransomware-type programs often encrypt files using strong cryptography algorithms. It is therefore impossible to decrypt files without the right decryption tool, or a key that can only be obtained by ransomware developers.
What is ransomware and how did it infect my computer
Most ransomware and other malware are developed by people who spread it through spam campaigns, untrustworthy download sources, unofficial software updates tools, trojans, and software activation tools (‘cracking’). Spam campaigns are used to spread malware via email attachments. They send emails with attachments to get people to open them and then download and install malware. Examples of files that are used include Microsoft Office documents, PDF files, archive files like RAR, executables (.exe), and JavaScript files. Peer-to-Peer networks, such as torrents and eMule, can allow malicious programs to spread through freeware download sites, file hosting websites and other similar download sources. Malicious files, such as executables, are uploaded by cybercriminals disguised as harmless files. Unsuspecting users can inadvertently create computer infections by downloading and opening these files. Fake/unofficial updates infect computers by exploiting flaws and bugs in outdated software, or downloading and installing malicious code rather than fixes and updates. Trojans are another way to spread malware. These malicious programs can cause chain infections and often install high-risk virus software. Malicious programs can be distributed using unofficial activation tools, also known as “cracking” tools. They download/install malware, not activate any licensed software for free.