
Lockify Ransomware

Posted: May 5, 2017

Threat Metric

Threat Level: 10/10
Infected PCs: 6
First Seen: May 5, 2017
OS(es) Affected: Windows

The Lockify Ransomware is a member of the Hidden Tear family of Trojans, whose file-encrypting attacks derive from previously open-source code. Because this family may delete your local backups, external backups offer a more dependable recovery option for any user who has no decryption solution on hand. Malware experts also encourage protecting your PC with appropriate anti-malware tools that can remove the Lockify Ransomware or its installers before your files are damaged.

Hidden Tear: Less Hidden than Ever Before

Since Hidden Tear persists as a widely available resource for would-be threat authors to plunder, malware experts continue to anticipate new versions of it over the coming weeks and months. Variants like the Mordor Ransomware and the Faizal Ransomware differ little in the immediate effects of their payloads, but can differ greatly in how they communicate with their victims and in what they charge to reverse their attacks. The Lockify Ransomware is another such Trojan born from this family, with no intention besides locking your files until you pay for them.

How the Lockify Ransomware circulates to new systems is still undetermined, although e-mail spam campaigns are a recurring element of this kind of attack. The small executable uses a variety of misleading filenames, and a slight majority of reputable anti-malware brands identify it as a threat. The Trojan may be dropped through document-embedded exploits or by other means, such as the currently popular RIG Exploit Kit.

Most of the details of the Lockify Ransomware's payload show few changes from other forks in the latest branches of the Hidden Tear family. The Lockify Ransomware scans for files by format and directory, then encrypts non-essential ones with an AES cipher. The '.Lockify' extension it adds may also help isolate the now-unusable content. The Lockify Ransomware's finishing touch is a pop-up lock screen that blocks your desktop with an HTML message conveying its ransom demands and a link to its remote attacker's TOR website.
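An added example, not part of the original article: a read-only Python triage script that uses the '.Lockify' extension described above to inventory affected files, list the original names to restore from backup, and bound the window of file modification times. It assumes the extension is appended to the full original filename; the function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile
from collections import defaultdict
from datetime import datetime, timezone

MARKER = ".lockify"  # extension named in the article; matched case-insensitively


def inventory(root):
    """Summarise files under root that carry the marker extension."""
    by_dir = defaultdict(list)
    mtimes = []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            if not name.lower().endswith(MARKER) or len(name) == len(MARKER):
                continue
            try:
                mtimes.append(os.stat(os.path.join(dirpath, name)).st_mtime)
            except OSError:
                continue  # file vanished or is unreadable; skip it
            # Assumption: the extension is appended to the full original name.
            by_dir[os.path.relpath(dirpath, root)].append(name[: -len(MARKER)])
    window = (min(mtimes), max(mtimes)) if mtimes else None
    return {"total": len(mtimes), "by_dir": {d: sorted(n) for d, n in by_dir.items()}, "window": window}


def build_sample(root):
    """Create a constructed directory tree: three marked files, two untouched."""
    layout = {
        "Documents": ["report.docx.Lockify", "budget.xlsx.LOCKIFY", "notes.txt"],
        "Pictures": ["holiday.jpg.Lockify", "icon.png"],
    }
    for sub, names in layout.items():
        os.makedirs(os.path.join(root, sub), exist_ok=True)
        for name in names:
            with open(os.path.join(root, sub, name), "wb") as fh:
                fh.write(b"constructed sample data")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        result = inventory(tmp)
        print("marked files:", result["total"])
        for folder, names in sorted(result["by_dir"].items()):
            print(f"  {folder}: restore {', '.join(names)}")
        first, last = (datetime.fromtimestamp(t, timezone.utc) for t in result["window"])
        print("modified between", first.isoformat(), "and", last.isoformat())
```

The modification-time window is only an approximation of when the files were changed, and the script never opens, renames or deletes the files it lists.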

Don't Lock Yourself out of Data-Saving Options

The Lockify Ransomware's authors deliver messages that give inaccurate information about the decryption process, with the clear purpose of forcing victims to pay a ransom without researching any alternatives. PC users with active Lockify Ransomware infections and locked media should remain aware of all potential decryption solutions, along with the fact that using a free decryptor is not necessarily 'fatal for your files', as the Trojan claims. However, malware experts also strongly recommend backing up all valuable data, so that decryption, or the absence of it, never becomes an obstacle.

Threat actors with no previous connections or experience in the threat industry can deliver new variants of Hidden Tear without needing any significant programming knowledge. This availability makes Hidden Tear-derived Trojans like the Lockify Ransomware potentially difficult to predict, particularly with regard to their distribution exploits. However, most users can defend themselves with a combination of safe Web-browsing behavior, proper password management, and anti-malware products that catch and delete the Lockify Ransomware during any install attempt.

Victims shouldn't mistake the terseness and legibility of the Lockify Ransomware's instructions for the brevity of honest communication. Even a ransom-demanding con artist who uses high-tech extortion methods is no better than a stranger snatching your belongings on the street.
