Security researchers from Proofpoint discovered three new families of ransomware: CryptFlle2, BrLock, and MM Locker.
These three new versions of ransomware are part of a growing global trend in spreading ransomware over the past few months, with an increasing number of malware being released every month.
CryptFIle2
CryptFIle2 surfaced in mid-March 2016, and Proofpoint reports that the crooks are using Neutrino and Nuclear exploit kits to distribute the malware to their victims.
This particular ransommare is very simplistic at this point, isn't it uses some payment or decryption service, and to recover them archives of, he should contact the creator of the ransomware via e-mail and negotiate a price for decryption.
Researchers report that the application uses RSA-2048 encryption and could be a clone of CryptoBoss ransomware.
BrLock
The second ransomware discovered by the researchers discovered was called BrLock, and was first observed ten days ago at 18 April. It targets only users from Russia.
The developers of the application they even ask for 1.000 rubles (around 15 dollars) for ransom. The low ransom price is indicative of geographic targeting as Russians typically do not have the financial resources to pay exorbitant ransom demands, as victims in the West do. countries.
Ransomware only locks the computer screen and does not encrypt the files. So if someone finds a way to bypass the screen lock, they can use the computer normally.
MM Locker
This ransomware was discovered in early March, and uses encryption to lock users' files, and adds the ".locked" extension to all encrypted files.
The specificity of MM Locker is the ransom note, which is quite large and tries to persuade the victim to pay.