The Locks Ransomware is a file-locking Trojan from Xorist Ransomware's free-to-use family. The Locks Ransomware prevents users from opening media like pictures, spreadsheets, and documents, by encrypting the files and holds them for a ransom. Effective backup strategies reduce most risks from attacks, and users can always remove the Locks Ransomware with compatible security solutions.
A Brand-New Year Full of Rickety-Old Trojans
Heading into 2021, both Ransomware-as-a-Services and 'free' Trojan resources, like the Xorist Ransomware, are neck-and-neck for preference in data-locking campaigns. Another new version of the Xorist Ransomware family, the Locks Ransomware, is getting its due confirmation on the heels of relatives like Lockedfile Ransomware and the Cat Ransomware. However, as far as its symptoms go, the Locks Ransomware isn't that different from its oldest cousins, including 2017's 'email@example.com' Ransomware and the Zixer2 Ransomware.
Windows users at risk from the Locks Ransomware attacks should, first and foremost, concern themselves with mitigating its encryption feature. This attack locks non-system files, such as the user's documents, by encrypting them so that they can't open. The Locks Ransomware also adds an extension related to its campaign name, but this change doesn't impact the encryption or so-called 'locked' status of the file.
The Locks Ransomware's threat actor's goal is making money off these attacks, with pop-ups and text messages from the Trojan providing details about paying a ransom for recovery help. The Locks Ransomware asks for over a thousand USD in Bitcoins, although its wallet has no payment history. This amount is low enough that the campaign could target home users or smaller businesses, ones with weak passwords or exploitable software vulnerabilities, especially.
Even with Trojans, Some Locks are More Fragile than Others
The Xorist Ransomware family is one of the few major groups of file-locking Trojans that usually is compatible with a free-to-download unlocker or decryption program. Users can always quickly test recovering with it before paying a deadline-based ransom. Malware experts recommend against putting all hopes in free software; most Trojans aren't so simple to mitigate. A well-thought-out backup model is essential for sparing data from encryption attacks.
As part of basic safety for securing their PCs, users should also patch their software as regularly as possible, removing most vulnerabilities that attackers could use in their favor. Servers and networks that use strong password protection also are at less risk from a conventional brute-force attack. Lastly, malware experts recommend that users watch known infection vectors like e-mail-attached documents and torrents carefully, particularly.
Verification of its detection rate shows that most security programs remove the Locks Ransomware from infected systems, even if they can't outright reverse the locking portion of its features.
The time pressure in the Locks Ransomware's ransom notes leans on fear-mongering heavily as a sales tactic. Anyone staring at a Trojan's pop-up should pause, think about the motivations behind any warnings and deal with them with at least a grain of salt.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Locks Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.