
TorrentLocker Ransomware

Posted: August 19, 2014

Threat Metric

Threat Level: 10/10
Infected PCs: 1,881
First Seen: August 19, 2014
Last Seen: June 29, 2021
OS(es) Affected: Windows


The TorrentLocker Ransomware is a new file encryptor Trojan whose campaign is believed to be targeting Australian residents through disguised e-mail files. Like the CryptoWall Ransomware or CryptoLocker, whose components the TorrentLocker Ransomware borrows, the TorrentLocker Ransomware modifies file data on your PC to make the files unreadable, and then demands a Bitcoin ransom in exchange for reversing the attack. As an alternative to rewarding its creators for their bad behavior, malware researchers recommend using file backups to undo the consequences of these attacks, and anti-malware products to remove the TorrentLocker Ransomware from any infected PCs.

The TorrentLocker Ransomware: the File Lock-Up that's not as Tight as You'd Think

The TorrentLocker Ransomware is a clear example of threat authors taking other authors' work for personal use, and the TorrentLocker Ransomware even presents itself as a variant of the 'CryptoLocker Virus' in its ransom messages. This misleading message is most likely an effort to make victims believe that their files suffer from encryption by a strong algorithm that would be difficult to break, as opposed to the Rijndael algorithm in use by the TorrentLocker Ransomware. In spite of the relative weakness of Rijndael, malware experts have noted evidence of the TorrentLocker Ransomware rotating the passwords used for its file-encrypting attacks, which may make a reversal of its effects by third-party utilities difficult.

The TorrentLocker Ransomware's attacks begin with disguised executable files that are distributed through e-mail messages, most likely as fake invoices and delivery notification messages. Because of the use of Australian domains and currencies in the TorrentLocker Ransomware's ransom messages, malware researchers find Australian residents to be in the greatest danger of the TorrentLocker Ransomware attacks, although the TorrentLocker Ransomware is not necessarily regionally specific in terms of its code. Despite borrowing separate modules of both the CryptoWall Ransomware and CryptoLocker, two similar ransomware families, the TorrentLocker Ransomware's internal code is independent and is verifiable as a separate threat.

Protecting Your Computer from the Latest in File Lockers

The TorrentLocker Ransomware is coded to make contact with a remote server prior to initializing its file-encrypting attack. Because of this weakness, PCs that lack Internet connections will not have their files encrypted. Ordinarily, scanning suspicious e-mail files with appropriate security software also should identify the TorrentLocker Ransomware's mislabeled EXE files and similar threat droppers. Detecting the TorrentLocker Ransomware after its installation may be complicated by its injection into the normal Windows process of explorer.exe. For PCs that already have had their files compromised by the TorrentLocker Ransomware, malware researchers find it simplest to recommend restoring the files from a remote backup source, such as a USB device or cloud storage server.

The TorrentLocker Ransomware may not show any new functions that would make the TorrentLocker Ransomware an innovative example of a file locker Trojan. Nonetheless, its dearth of creativity doesn't translate into the TorrentLocker Ransomware being an ignorable PC threat, and its attacks are just as easily capable of depriving you of access to Word documents, image files or audio files, as some examples of potentially affected data. As a final reminder, malware experts find no advantage to paying the Bitcoin ransom that the TorrentLocker Ransomware demands, due to the general lack of trustworthiness regarding ill-minded persons keeping their word about restoring encrypted files.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%WINDIR%\system32\lsassw86s.exe
File name: lsassw86s.exe
Size: 567.8 KB (567808 bytes)
MD5: ae6c0969b3925f3f6de0f05b20b29244
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: April 30, 2016


Registry Modifications

The following Registry values were newly created:

Regexp file mask
%WINDIR%\system32\lsassw86s.exe
%WINDIR%\SysWOW64\lsassw86s.exe
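The file indicators listed above can be checked on a live PC or on a disk image mounted for triage. The following is an added example, not code from this page or from any vendor tool; the function names are hypothetical, and the only indicators used are the file name, the two paths and the MD5 given above. Directory and file names are matched without regard to case, because a Windows volume mounted on another OS usually spells the folder 'System32'.

```python
import hashlib
import os

# Indicators copied from this page's "Technical Details" section.
PAGE_MD5 = "ae6c0969b3925f3f6de0f05b20b29244"
PAGE_NAME = "lsassw86s.exe"
PAGE_DIRS = ("system32", "SysWOW64")  # relative to %WINDIR%


def _child_ci(parent, name):
    """Return the entry of `parent` that matches `name` ignoring case, or None."""
    # Windows ignores case in paths; a mounted image on Linux does not.
    try:
        entries = os.listdir(parent)
    except OSError:
        return None
    for entry in entries:
        if entry.lower() == name.lower():
            return os.path.join(parent, entry)
    return None


def _md5(path):
    digest = hashlib.md5()  # MD5 only because that is the hash the page lists
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan(windir, known_md5=PAGE_MD5):
    """Check both listed locations under `windir`; return a list of findings."""
    findings = []
    for sub in PAGE_DIRS:
        folder = _child_ci(windir, sub)
        path = _child_ci(folder, PAGE_NAME) if folder else None
        if not path or not os.path.isfile(path):
            continue
        try:
            verdict = "hash-match" if _md5(path) == known_md5.lower() else "name-only"
        except OSError:
            verdict = "unreadable"  # locked or access denied: still worth a look
        findings.append({"path": path, "verdict": verdict})
    return findings


if __name__ == "__main__":
    for hit in scan(os.environ.get("WINDIR", r"C:\Windows")):
        print(hit["verdict"], hit["path"])
```

A "name-only" result means a file with the listed name exists but its hash differs from the one recorded here, which still warrants inspection since the listed hash describes a single sample.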