ScammerLocker Ransomware
The ScammerLocker Ransomware is a file-locking Trojan that can block your media by encrypting it and, then, delivers ransom messages in either text or pop-up formats. This threat derives its features from Hidden Tear, and our malware experts recommend testing the compatibility of HT-based decryption tools, instead of paying any fee to its threat actor. Conventional anti-malware programs also may disable and delete the ScammerLocker Ransomware from your computer without its blocking any of your files.
A Tactic that's Just for Con Artists
Threat actors who try to hold data hostage often favor such victims as corporations or the branches of various governments, but new ones referring to themselves as the 'Jodis Hunter Team' are turning that convention on its head. JHT is deploying a standard, file-locking threat with only some of its features verifiable as working, but appears to target scam artists, instead of legitimate organizations or even random users. The ScammerLocker Ransomware includes non-working support for a pop-up but is more threatening for its non-consensual, data-encrypting function.
Our malware research team has yet to confirm how the Jodis Hunter Team is finding its targets, and the ScammerLocker Ransomware may be in partial development and not meant for a release. However, the ScammerLocker Ransomware does include Hidden Tear-based encryption attacks that already blocks the files of an infected Windows machine, such as Microsoft Office content (including Word documents), images, or audio. The ScammerLocker Ransomware adds the '.jodis' extension to the names of what it encrypts and creates a Notepad extortion notice for the victim.
The ScammerLocker Ransomware also is the first file-locker Trojan, to our malware experts' knowledge, to use the Iota cryptocurrency for collecting its ransoms. This fee is equivalent to no more than sixteen USD in value, but the victim may pay it without ever receiving a password for the decryptor that would recover their files. Potentially, the ScammerLocker Ransomware also may create a pop-up window providing the same information as its text note, but this feature is non-loading within the program's current builds.
Unlocking Solutions for Law-Abiding Citizens and Con Artists Alike
Because of its Hidden Tear basis, the ScammerLocker Ransomware has a higher probability than most file-locker Trojans for having compatibility with free decryption programs. Contact an appropriate cyber-security specialist or organization for any help you require with unlocking the files that you can't recover any other way. Any users with backups can take suitable steps for disinfecting their PCs and, then, retrieve their media from the last good copies without concerning themselves with the decryption routine.
The ScammerLocker Ransomware could be targeting scam artists via harvested e-mail contacts or via drive-by-downloads that load through a custom-crafted website or Web ad content. Disabling macros in documents and scripts in your Web browser can avoid many of the vulnerabilities responsible for delivering threats of this category to your computer. Nearly half of most brands of anti-malware software also should quarantine and remove the ScammerLocker Ransomware, according to their latest threat databases.
However its author chooses who to attack, the ScammerLocker Ransomware is no less legally permissible or benevolent than any other kind of file-ransoming Trojan. Avoid unsafe content, as well as bad data preservation practices, and your PC should remain safe from this scam for scammers.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.