
LockBox Ransomware

Posted: August 4, 2017

The LockBox Ransomware is a Trojan that tries to collect ransom payments from its victims after blocking their files with encryption. Because decrypting the locked media is sometimes impossible, PC users should always keep backups of their work so that they can restore it after disinfecting their PCs. Since the LockBox Ransomware is a threatening application that can endanger your local files, its removal should always be delegated to appropriate anti-malware programs.

The Box for Storing Your Files Whether You Want to or Not

While Delphi isn't the programming language of choice for most con artists concerned with holding digital data hostage, there are some notable exceptions to the rule. Another unrelated but very similar threat is joining the ranks of old families like the Amnesia Ransomware: the LockBox Ransomware. Although Delphi is compatible with most operating systems, the LockBox Ransomware's campaign has yet to provide clues on how its author is distributing it or what ransoms it's collecting.

The LockBox Ransomware's business model is otherwise similar to that of other file-encrypting Trojans of 2017. The Trojan modifies selected files on the infected PC with an AES-256 algorithm; this enciphering process prevents the encoded media from opening. The victim requires a decryption program matching the LockBox Ransomware's key to decode their content, and malware experts have yet to determine whether such a program is available in the public domain.

This Trojan's threat actors are using Notepad as the vehicle of choice for delivering their initial ransom demands, which ask the user to contact an e-mail address for negotiating. Victims should pay attention to any currency formats involved in these transactions; con artists often prefer using cryptocurrencies that you can't refund (even if you don't receive a decryptor).

Opening the Packaging that's Holding Your PC in Ciphers

While not necessarily a descendant of the Amnesia Ransomware, the LockBox Ransomware does share that threat's compatibility with different OSes, including modern Windows releases. All symptoms associated with LockBox Ransomware infections, including unusable files and text messages, appear only after its attacks are successful, meaning that PC users should rely on proactive defenses to protect their media. Backing up documents, pictures, and other often-targeted types of information to removable or network-based storage can remove any need to buy a Trojan's decryption service or break its cipher.

The LockBox Ransomware, like many file-locking Trojans, includes some degree of network functionality (in the form of mORMot-based C&C infrastructure). To limit any additional commands or data-gathering from a remote attacker, malware experts recommend disconnecting any infected PCs from the Internet before commencing the disinfection process. Use anti-malware tools both for deleting the LockBox Ransomware and for confirming that no related threats assisting its installation remain present on the computer.

While the LockBox Ransomware's ransom messages are careful to eschew any responsibility for the attacks, a Trojan's words are rarely any more trustworthy than its intentions. Con artists willing to create and distribute threatening software in the first place should not be assumed to be forthright in how they communicate with those whom they attack.
