Once it manages to to execute on the victim’s system however, it will copy itself to the current user’s application data folder using the sub-folder “WinCL” and the file name “WinCL.exe”. How PClock infects a new systemĪt this point it is not entirely clear how PClock, which is written in Visual Basic 6, enters a user’s system. In reality though PClock does not destroy any keys, so the countdown is pretty much meaningless. If a user does not pay the ransom within the allotted time, it will display a last_chance.txt file that tells the user to download the malware again, which supposedly gives you another 3 days to make the payment. Otherwise it claims to destroy the keys required to decrypt the user’s files: Like CryptoLocker it gives the user a 72-hour ultimatum to pay the ransom of 1 bitcoin (approximately USD $300). Like all file encrypting ransomware (also known as crypto malware) PClock’s main goal is to encrypt important files on the victim’s system in order to compel them to pay a ransom in return for their files. 72-hour countdown timer to pay USD$300 ransom Unlike CryptoLocker though, which was a somewhat complex and sophisticated piece of malware, PClock is quite primitive by nature. One of the most recent copycats that we became aware of is a ransomware named PClock that showed up just a day ago. It is therefore not surprising that other malware authors try to capitalize on CryptoLocker’s reputation by releasing copycats. Ransomware CryptoLocker was one of the most infamous malware families of the years 20 and although the operation behind the original CryptoLocker malware family has been dismantled in 2014, it’s still a name that frightens a lot of users and system administrators alike.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |