Just when you’ve guarded your computer against CryptoLocker, there’s a newer threat that’s capable of holding gigabytes of your computer’s data hostage at a time.
Unlike Cryptolocker, which was custom-made for one ring of thugs, any criminal with $100 and a computer can easily purchase a copy of PrisonLocker—alternately called PowerLocker—for themselves.
Make no mistake: PrisonLocker is ransomware. It encrypts your personal data until you cough up hundreds of dollars for the decryption key, and even then, since you’re negotiating with criminals, there’s no guarantee they’ll make good on their promise.
Malware Must Die, an international group of security analysts, said it had been monitoring a discussion about PowerLocker on a forum for hackers, where its anonymous programmer was selling licenses of the ransomware for $100 apiece.
Aside from being more easily accessible than CryptoLocker, PrisonLocker also boasts additional deterrents to security analysis like the ability to disable functions built into the Windows OS, according to the researchers.
Last October, CryptoLocker, which was run by just one group, netted 10,000 victims in one week. Since PowerLocker is up for sale, it has the potential to wreak exponentially more havoc.
How To Protect Yourself
Fortunately, the threat of PrisonLocker is, so far, just that—a threat. Nobody has been infected with the malware yet because its criminal creator is still developing it.
According to Harry Sverdlove, CTO of threat assessment company Bit9, this is both good and bad for users. On the one hand, we have an advantage since it isn’t out yet. But on the other hand, all the press and hype about CryptoLocker meant hackers had plenty of information to improve the program.
For example, with CryptoLocker, users could preemptively protect themselves by regularly backing up their data. But with PrisonLocker, even data backups might not be enough to save you, according to Sverdlove. PrisonLocker is designed to seek out connected drives with even more power and accuracy than its predecessor.
“Depending on the backup policy and user access, your backups also could be encrypted and unusable,” he said. “If your backups are inaccessible to the system in question, then yes, it can save your data, at least since your last backup. But it can’t save your time. If you have to restore your entire system from a backup and possibly reinstall Windows and all your applications, well then you can kiss your weekend goodbye.”
In other words, there’s an additional step to staying safe. You don’t just need to make regular backups; you need to keep your backups on a drive that isn’t connected to your computer at all times, like an external hard drive that you keep offline.
But more importantly, Sverdlove says to be very careful about which links you click and which files you download. PrisonLocker can’t work if it can’t trick you into installing it. Even if you’re too tech savvy to fall for this (or simply not running a Windows computer), be sure to let your less geeky friends, family, and coworkers know. It’s a reminder we can’t share often enough.
Photo by Don Jenkins.
Update Jan 9 at 9:30 EST: The story has been corrected to reflect Malware Must Die’s international status.