
AlumniLocker Ransomware

Posted: March 8, 2021

The AlumniLocker Ransomware is an emerging cyber-threat whose operators are relying on phishing emails to reach potential victims. The topic of the emails is usually related to payments or invoices, and the recipient is asked to download and review a PDF attachment. According to the mail's body, the attachment contains an invoice but, in reality, it is a fake file designed to extract and run a corrupted ZIP archive. Once the AlumniLocker Ransomware is up and running, it starts encrypting files by using an encryption routine identical to the one found in the Thanos Ransomware family. However, there is not enough information to determine whether the same group of criminals is behind both of these projects.

The files that the AlumniLocker Ransomware locks have the '.alumni' suffix appended to their names. The locker targets over a hundred file extensions to maximize the damage it causes. After completing the attack, it drops the ransom note 'HOW_TO_RECOVER_YOUR_FILES.txt' on the desktop.
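The two indicators above (the '.alumni' suffix and the ransom note name) are enough to scope the damage before restoring from backup. The read-only triage script below is an added example, not part of the original article; the `triage` function name is hypothetical, and it assumes the suffix is appended after the original extension (for example `report.docx.alumni`).

```python
import os
from collections import Counter

# Indicators taken from the article text above.
LOCKED_SUFFIX = ".alumni"
RANSOM_NOTE = "HOW_TO_RECOVER_YOUR_FILES.txt"


def triage(root):
    """Walk `root` and summarise AlumniLocker indicators for restore scoping.

    Returns a dict with:
      notes        - paths of ransom notes found
      locked       - list of (locked_path, original_name) pairs
      by_extension - Counter of original extensions that were encrypted
      by_directory - Counter of locked files per directory
    Nothing is modified or deleted; the walk only reads file names.
    """
    notes, locked = [], []
    by_extension, by_directory = Counter(), Counter()

    def on_error(err):
        # Report unreadable directories instead of silently skipping them.
        print(f"skipped {err.filename}: {err.strerror}")

    for dirpath, _dirs, files in os.walk(root, onerror=on_error):
        for name in files:
            lower = name.lower()
            path = os.path.join(dirpath, name)
            if lower == RANSOM_NOTE.lower():
                notes.append(path)
            elif lower.endswith(LOCKED_SUFFIX) and len(name) > len(LOCKED_SUFFIX):
                # Assumption: suffix is appended, so stripping it gives the original name.
                original = name[: -len(LOCKED_SUFFIX)]
                ext = os.path.splitext(original)[1].lower() or "(none)"
                locked.append((path, original))
                by_extension[ext] += 1
                by_directory[dirpath] += 1
    return {"notes": notes, "locked": locked,
            "by_extension": by_extension, "by_directory": by_directory}


if __name__ == "__main__":
    import sys
    result = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"ransom notes: {len(result['notes'])}, locked files: {len(result['locked'])}")
    for ext, count in result["by_extension"].most_common():
        print(f"  {ext}: {count}")
```

The per-directory and per-extension counts show which folders and file types need to come back from backup, and the list of original names can be checked against the backup catalogue.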

Over the past year, a large number of ransomware operators evolved their extortion tactics by threatening to release the victim's data on the Internet if the victim does not pay a ransom sum. Of course, they also ask to receive a payment and promise to provide a decryption tool in return. The AlumniLocker Ransomware follows the same strategy, and its creators threaten to publish data on a public website unless the victim pays a ransom fee of 10 Bitcoin. The good news is that the AlumniLocker Ransomware's website appears to be offline, which may mean one of two things: either the criminals are bluffing and cannot publish files, or they are still working on their project.

Paying a ransom fee of $500,000 is out of the question, and victims should never consider it. It is not yet clear whether AlumniLocker Ransomware's creators plan on publishing collected data online. The best thing victims of the AlumniLocker Ransomware can do is to ignore the message of the extortionists, and then run a malware removal tool to eliminate the threatening program. Finally, they can proceed to recover the files from a backup or experiment with other data recovery options.
