COVID-19 Alert – Ransomware Attacks up by 800% - Our CEO speaks with CBS
monster-cloud-logo-transparent
  • Cyber Security Services
    • Prevention Services
      • Penetration Testing
    • Mitigation Services
    • Recovery Services
      • Ransomware File Recovery
      • Ransomware Removal
  • Ransomware Removal
    • LAW ENFORCEMENT RECOVERY
    • .LOCK2BITS
    • .CONTI
    • .LOCKBIT
    • CRYPT
    • LOCKED
    • .BBZZ
    • .BBYY
    • .BNRS
    • OTHER TYPE OF RANSOMWARE?
  • Testimonials
  • Company
    • Career Opportunities
    • Q&A
    • News and Blog
    • University
    • Customer Support
    • Contact Us
  • REMOTE ASSIST
  • (844) 222-1221
REMOTE ASSISTLOGINSUPPORT
SUPPORT

.lockymap : Another variant of PyLocky ransomware

September 11, 2018Martin

A team of cybersecurity researchers has discovered a new cryptovirological strain from the family PyLocky ransomware. This ransomware strain delivers its payload through executable files attached in phishing emails. Developers of .lockymap ransomware have used encryption algorithm ABS-256 to lock down the files on affected computers. As per encryption experts, this algorithm entails complex encryption matrices and is usually used to protect military grade gadgets.

As soon as the malicious code of .lockymap completes its encryption activity, a ransomware note in the form of text file appears on the screen. Victims are instructed in the note to download Tor browser in order to purchase the decrypter for ransomware removal. The attackers also offer the restoration of one encrypted file for free to assure the victims that they have the decryption key. The operators also threaten to double the amount of ransom in case victims don’t contact them for ransomware removal within four days after the attack.

Initial investigation suggests that the newly discovered ransomware strain might also penetrate into the Windows Registry Editor. The sub-keys of Run and RunOnce are the actual target of the strain in the Editor in order to create values for the automatic execution of ransomware whenever the victim turns on the device.

The infiltration of .lockymap ransomware in the Windows Registry also means that the strain is going to delete all the data backed up on the device. Researchers have identified the commands executed by the ransomware to delete shadow volume copies. The ransomware strain is capable of encrypting more than two dozen file extensions. Apart from encrypting a lot of files in the targeted device, the executable file of the ransomware is also stored in several system directories including Temp, AppData, Local and Roaming. Digital security researchers are still trying to work out particular ransomware removal measures for the .lockymap strain.

Previous post WannaCry variant hits iPhone chipmakers Next post A New Ransomware Surfaces: CreamPie Ransomware

Related Articles

MonsterCloud Helps Solve an Issue that Can Bring a Company to it’s Knees

May 16, 2017wpengine
monstercloud helps

NY TIMES: Quotation of the Day: In Computer Attacks, Clues Point to Frequent Culprit: North Korea

May 16, 2017wpengine
computer attacks

MonsterCloud’s CEO Zohar Pinhasi on CBS – Ransomware Spikes During The Holidays

January 3, 2018wpengine
MonsterCloud’s CEO Zohar Pinhasi on WPTV – Ransomware Spikes During The Holidays

Recent Posts

  • Penalties for Hackers if Caught
  • Should Systems That Have Been Attacked by Ransomware be Used Again?
  • Coronavirus Alert – Ransomware Attacks up by 800%
  • Ransomware and Bitcoin
  • Can you trust your employees? How to keep your data protected?

Archives

  • August 2020
  • March 2020
  • February 2020
  • January 2020
  • May 2019
  • January 2019
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • January 2018
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • November 2016
  • September 2016
  • August 2016
  • July 2016

Managed Cyber Security Services

MonsterCloud offers a comprehensive cyber security platform providing companies with both the technology and, more importantly, expertise needed to defend themselves from hackers, data breaches, ransomware and other external threats. It reduces reputational risk and affords companies peace-of-mind, knowing their businesses are constantly being monitored and protected by some of the world’s top cyber security experts.

Privacy Policy

Privacy Policy

Career Opportunties

Career Opporunties

Menu

  • Cyber Security Services
    • Prevention Services
    • Mitigation Services
    • Recovery Services
  • Ransomware Removal
  • News and Blog
  • MC University
  • Surveys and Data
  • Testimonials
  • Q&A
  • Give us a review!
  • Contact Us

Stay Connected & Protected

Facebook
Google+
LinkedIn
YouTube
Vimeo

Contact us

1119 S 21st Ave., Hollywood, FL 33020
844-222-1221
[email protected]

Partnerships

NoMoreRansom - MonsterCloud Partnership

Recent Posts

  • Penalties for Hackers if Caught
  • Should Systems That Have Been Attacked by Ransomware be Used Again?
  • Coronavirus Alert – Ransomware Attacks up by 800%
  • Ransomware and Bitcoin
  • Can you trust your employees? How to keep your data protected?
BizJudge.com
© 2019 MonsterCloud.com. All Rights Reserved.