Ocelot Locker Ransomware
Posted: January 9, 2017
Threat Metric
| Metric | Value |
|---|---|
| Threat Level | 8/10 |
| Infected PCs | 5 |
| First Seen | January 9, 2017 |
| Last Seen | February 10, 2020 |
| OS(es) Affected | Windows |
The Ocelot Locker Ransomware is a fake file-encrypting Trojan that imitates some of the symptoms of such an attack without enciphering any content. Since this Trojan performs no other actions that would damage your local data, finding decryption solutions or restoring from backups should be unneeded. Use your anti-malware products for removing the Ocelot Locker Ransomware or stopping its installation process as appropriate, and avoid paying any ransom it demands.
A Kitten Pretending to be a Puma
Copycats in the threat industry are abundant, but most clones of old Trojans re-implement their full payloads with the same intentions of blocking your files, collecting data, or conducting other attacks. Early in January, malware analysts began to see evidence of a form of copycat file-encrypting Trojan that arguably could be considered benevolent. The Ocelot Locker Ransomware mimics only the pop-up symptoms of this category of threats and seems to be an invasive education lesson against real file-encrypting Trojans.
After it compromises the PC, the Ocelot Locker Ransomware generates a pop-up but, unlike an actual screen-locker, leaves the window's Close button in place. This window provides generic encryption-themed extortion demands (with text cribbed from other campaigns) and a single 'Check for Payment' button. Note that current versions of the Ocelot Locker Ransomware omit any way to pay the Bitcoin ransom (approximately 25 USD) that it supposedly requests.
Clicking the above button will cause the Ocelot Locker Ransomware to display a second window recommending that you acquire anti-malware solutions and educate yourself about the basics of file-encrypting Trojans or ransomware.
Educating Yourself on Threats the Right Way
While getting security advice from a 'well-meaning' Trojan like the Ocelot Locker Ransomware is better than nothing, appropriately protected and informed PC users should find all of its information redundant or common knowledge. Real file-encoding Trojans can cause permanent damage to your hard drive's contents, requiring that you find a (sometimes not available) third-party decryptor or restore from a backup, unless you intend to pay the ransom and hope for the best. For its part, the Ocelot Locker Ransomware conducts no attacks other than its pop-ups, which likely contributes to the low detection rates against this threat that malware analysts see across major industry brands.
The Ocelot Locker Ransomware is unlikely to target specific businesses, NGOs or government sectors, but may bundle itself in downloads, especially ones associated with pirated content. Scanning all new files before you open them and upholding strong password strategies should protect your PC from both the Ocelot Locker Ransomware and authentic file encryptors. Since this Trojan performs no encryption whatsoever, deleting the Ocelot Locker Ransomware in full after its installation should need no more drastic a solution than a scan with an updated anti-malware program.
Judging by the lack of appropriate ransom-transaction information in its pop-up messages, the Ocelot Locker Ransomware's author doesn't seem to be distributing this Trojan with ill intentions. However, it can be a wake-up call to the unwary that letting an unknown program run on their computers is an easy way to lose what they've saved on it forever.