Security researchers from Proofpoint discovered three new families of ransomware: CryptFlle2, BrLock, and MM Locker.
These three new versions of ransomware are part of a growing global trend in spreading ransomware over the past few months, with an increasing number of malware being released every month.
CryptFIle2
CryptFIle2 appeared in mid-March 2016, and Proofpoint reports that crooks are using the Neutrino and Nuclear exploit kits to distribute the malware software to their victims.
This particular ransomware is very simplistic at this point, it doesn't use any payment or decryption service, and in order to recover your files, you'll need to contact the ransomware creator via e-mail and negotiate a price for the decryption.
Researchers report that the application uses RSA-2048 encryption and could be a clone of CryptoBoss ransomware.
BrLock
The second ransomware the researchers discovered is called BrLock, and it was first spotted ten days ago, on April 18. It only aims users from Russia.
Application developers for ransom demand 1.000 rubles (around 15 dollars). The low ransom price is indicative of geographic targeting as the Russians usually do not have the financial resources to pay excessive ransom requirements, as victims in western countries do.
Ransomware only locks the computer screen and does not encrypt files. So if someone finds a way to bypass her lock screen, can use the computer normally.
MM Locker
This ransomware was discovered in early March, and uses encryption to lock users' files, and adds the ".locked" extension to all encrypted files.
The specificity of MM Locker is the ransom note, which is quite large and tries to persuade the victim to pay.
