Security researchers from Proofpoint discovered three new families of ransomware: CryptFlle2, BrLock, and MM Locker.
These three new ransomware variants are part of a growing global ransomware trend in recent months, with an ever-increasing number of malicious software to be released every month.
CryptFIle2
Το CryptFIle2 εμφανίστηκε στα μέσα του Μαρτίου του 2016 και η Proofpoint αναφέρει ότι οι απατεώνες χρησιμοποιούν τα Neutrino και Nuclear exploit kits to distribute the malware to their victims.
This ransowmare is very simple at this point, it does not use any payment or decryption service, and to retrieve its files, it should contact the creator of the ransomware via e-mail and negotiate a decryption value.
Researchers report that the application uses RSA-2048 encryption and could be a clone of CryptoBoss ransomware.
BrLock
The second ransomware discovered by the researchers discovered was called BrLock, and was first observed ten days ago at 18 April. It targets only users from Russia.
Application developers for ransom demand 1.000 rubles (around 15 dollars). The low ransom price is indicative of geographic targeting as the Russians usually do not have the financial resources to pay excessive ransom requirements, as victims in western countries do.
Ransomware only locks the screen of the computer and does not encrypt the files. So if someone finds a way to bypass her lock screen, can use the computer normally.
MM Locker
This ransomware was discovered in early March, and uses encryption to lock users' files, and adds the ".locked" extension to all encrypted files.
The specificity of MM Locker is the ransom note, which is quite large and tries to persuade the victim to pay.
