Name | COIN LOCKER |
Type | CRYPTO |
Encryption Type | Julius Caesar |
Short Description | Coin Locker is ransomware that belongs to the crypto family. It uses a specific encryption method known as the Caesar cipher. It emerged in early 2015. |
Symptoms | |
Distribution Method | Email and fake downloads |
Image | You have been infected with the Coin Locker malware. |
More Details |
Coin Locker is ransomware that belongs to the crypto family. It uses a specific encryption method known as the Caesar cipher. It emerged in early 2015. Encrypted files have the .encrypted extension appended. When the victim opens an encrypted file, they are redirected to the Tor browser. Once encryption is complete, it deletes all restore points from the PC as well as the shadow volume copies on the computer, in order to make things harder for the victim. It encrypts the files and also sends some important file data to the control server.
Coin Locker targets the following file types; it scans the entire computer but targets only these files. Once these files are encrypted, a README.txt file is left on the display of the victim's computer, and when the victim tries to open the encrypted files there is a URL that directs to the Tor browser, which is used to stay anonymous. At this link the ransom is demanded, and the victim is asked to pay a certain amount of money in order to get the files decrypted, but the decryption is guaranteed even if the payment is made. The payment is to be made in Bitcoin. The encryption is done using the Julius Caesar method; an example of it is shown below.
This is done using letter substitution, where each letter is replaced with another one a certain distance away in the alphabet. Researchers say that decryption tools are available for files affected by the Coin Locker ransomware.
|