PwndLocker Ransomware

Posted: March 3, 2020

PwndLocker Ransomware Description

The PwndLocker Ransomware is an independent file-locking Trojan. In addition to using encryption for keeping media from opening on your computer, it can disable other programs and delete Windows backups. Users should have reliable security protocols and backup schedules for counteracting attacks, and anti-malware applications for deleting the PwndLocker Ransomware properly.

Pwning Networks for Making Hundreds of Thousands

NGOs, governments, and even multinational corporations are hardly immune to the same file-locker Trojan attacks that random users fall for every day online. While the means of infiltration, usually, differs from such smaller-scale assaults, the payloads are relatively consistent in their wielding encryption, as a blunt instrument of data sabotage. The PwndLocker Ransomware is an exceptionally pricy display of this illegal business model at work, even against the highest-end of targets.

The PwndLocker Ransomware targets Windows systems and encrypts a majority of file formats, excepting some essential ones, according to their extensions and folders. After encrypting the content, it may add a different extension to their names, such as 'key' or 'pwned,' but doesn't erase the preexisting one ('for-example.bmp.key'). Malware analysts also confirm the PwndLocker Ransomware closing multiple applications automatically, first, including security software, server backup tools, and general-purpose applications like Web browsers and Microsoft Office products.

The PwndLocker Ransomware monetizes the encryption attack through an English text message, although it contains several spelling errors. It redirects victims to a TOR site with in-depth ransoming details, including a two-file demonstration of the decryptor and semi-live support. The cost in the PwndLocker Ransomware sets it well above those of similar Trojans like theĀ STOP Ransomware or theĀ Globe Ransomware: this Trojan is asking for a minimum of six-digit fees, up to over half a million dollars, which varies with the infected network's size.

Expressing 'Pwnership' Over Your Network's Contents

As one may anticipate from such an expensive campaign, the PwndLocker Ransomware doesn't let users recover through the Restore Points and deletes that data during its attack. Although malware experts can't yet analyze the PwndLocker Ransomware encryption method for weaknesses, it's not likely that the threat actors are leaving any notable vulnerabilities in it. Unaccessible, sufficiently-secured backups are the most likely path victims have for recovering any encrypted media without taking the incredibly costly risk of the ransom.

The PwndLocker Ransomware infection vectors are unidentifiable at this time, but victims are notable in Illinois, USA, and the nation of Serbia. The expected pathways for the Trojan's distribution include:

  • Attackers may compromise networks with weak passwords. Strings that are short, widely in use, or have noted associations with factory defaults will provide inadequate protection from dictionary brute-force attacks and similar 'login guessing' hackings.
  • Networks with outdated server software also are at risk from software vulnerability-based attacks. In most cases, these issues are fixable by users installing the available patches.
  • Workers also may be victims of targeted phishing attempts, which can use e-mails with sophisticated and workplace-specific contents. Attachments with documents or spreadsheets containing macros are notable risks, particularly.

While it's one of the most expensive of file-locking Trojans, the PwndLocker Ransomware's features don't appear to include noteworthy identity obfuscation. Any machine with conventional anti-malware protection should remove the PwndLocker Ransomware and prevent infection automatically.

Like currency inflation, ransoms are climbing higher with some file-locker Trojans, reminding the world that even illicit businesses still are businesses. One can choose a means of protecting one's files or leaving them open to exploitation, with the PwndLocker Ransomware's admins, among others, happy to take advantage of the latter circumstance.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to PwndLocker Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware PwndLocker Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.