EGGLocker Ransomware
The EGGLocker Ransomware is a Trojan that pretends to lock your files by encrypting them and blocks your screen with a pop-up that demands money for the unlocking service. While malware experts find no working cryptography-based features in the EGGLocker Ransomware, its authors may remove this limitation, in the future. Users should continue backing their files up somewhere safe and have anti-malware products active for deleting the EGGLocker Ransomware before it harms their PCs.
The Egg Whose Hatching Means Fake Data Problems
It has been reported that there are samples of a new, 'file-locking' Trojan. The threat doesn't 'lock' any of the files that it affects. Although all of the EGGLocker Ransomware's symptoms are in line with similar threats, it omits any encryption features or other means of enciphering data to make it non-readable. However, the EGGLocker Ransomware does include peripheral functions that harm the security and accessibility of an infected Windows machine.
While malware experts are confirming the lack of encryption, the EGGLocker Ransomware does add an '.EGG' extension onto different files for giving them the appearance of being locked. Due to an oversight, the EGGLocker Ransomware also may do this to its ransom message. For now, users can remove the extension for their files to behave as usual, although its threat actor could update the program for giving the EGGLocker Ransomware a legitimate data-enciphering routine.
Its ransom note-delivering mechanisms also use a screen-locking feature. The EGGLocker Ransomware loads a pop-up window without borders, which delivers a message demanding payments to a Bitcoin wallet address, supposedly, for the decryptor. Simultaneously, the EGGLocker Ransomware also auto-terminates different programs, including instant messengers, such as Steam and Skype. Therefore, the user has limited options for determining that the EGGLocker Ransomware's attack is fake.
Discarding a Bad Egg of a Trojan
Although the EGGLocker Ransomware is in its testing stage, its threat actor may finish updating the Trojan at any time, due to the ease of adding simple encryption functions to similar software. The EGGLocker Ransomware does have a website infrastructure in place for supporting its ransom collections, although malware analysts recommend against making any Bitcoin payments. Threat actors often solicit cryptocurrency payments without giving a real decryption service to their victims, and free decryption alternatives, frequently, are available.
Since the EGGLocker Ransomware locks the victim's screen display, users should regain UI access by booting their PCs through a non-infected OS startup routine, such as Safe Mode or a recovery USB. As of this article's date, almost all anti-malware products are detecting and deleting the EGGLocker Ransomware and should do so before its attacks occur. Malware analysts also advise saving your media to other, secure locations for safekeeping against all file-locking attacks.
Although some individuals are claiming that the EGGLocker Ransomware is an 'educational' project, it shows the hallmarks of being an incomplete Trojan with intentions of future deployment. Whether its data-ransoming intentions are real or illusory, malware analysts are confirming that it's a threat to your PC's security, and all PC users should defend themselves accordingly.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.