Skip to main content

‘Sleeper’ Locker ransomware comes alive, infects hundreds

exploit
Image used with permission by copyright holder
A new strain of ransomware that has been lying dormant on PCs was activated this week by its authors, catching users by surprise. The “sleeper” malware, which encrypts users’ files and holds them for a fee or ransom, appears to have infected computers several months ago but remained inactive until now.

According to security firm KnowBe4, the ransomware, dubbed Locker, was activated at midnight on Monday May 25 and caught users by surprise. Members of the Bleeping Computer forums were some of the first to notice the ransomware with several infected users calling out for help as well as posting screenshots of their ransom messages.

Recommended Videos

“As of yesterday, I found out I have been infected with some kind of ransomware. I spent all night trying to find a solution but nothing bare [sic] fruit…,” wrote one user, who tried using FireEye and Fox-IT’s Decryptolocker solution but to no avail.

Locker is very similar to the infamous CryptoLocker, says KnowBe4 CEO Stu Sjouwerman, and the new malware may have stemmed from a “compromised MineCraft installer.” It represents a new tactic from malware authors where the ransomware sits dormant for some time before being activated. Typically, ransomware encrypts a user’s files as soon as it is downloaded.

Locker17
Image used with permission by copyright holder

“Warning any attempt to remove damage or even investigate the Locker software will lead to immediate destruction of your private key on our server!” read some of the notices shared on Bleeping Computer. Locker demands 0.1 Bitcoin, which at the time of reporting is worth about $23. There are reportedly hundreds of users infected at this point but no word on if anyone has paid.

The ransom that Locker is demanding is actually quite small. Most ransoms ask for about $500 worth of Bitcoin. A recent report from FireEye pointed out that some cyber-criminals are actually willing to lower their prices. Lowering prices and making it easier to pay up allows them to target more users for smaller paydays each rather than hoping for one large ransom. With Locker lying dormant and unnoticed for months, this allowed the cyber-criminals to amass a hefty number of infected computers before encrypting any files.

Cases of ransomware have grown significantly over the last year on both PC and mobile, and there are even cases of police departments paying up to get their encrypted files back. Paying the ransomware can be a tricky situation, and most security pros advise against it. In most cases, the cyber-criminals will actually decrypt the files once the money is received, but this is never a guarantee; there have been incidents of criminals simply taking the money and running.

Locker is just another member of this growing malware family now. “At this very early time after the initial discovery, things are still somewhat murky, but we will keep you in the loop about any developments,” adds Sjouwerman.

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
I found the one GPU deal worth buying on Cyber Monday
AMD's RX 7700 XT in a test bench.

Color me surprised. I talked a big game about how you shouldn't buy a GPU on Cyber Monday, and while I still hold true to that sentiment, I found one deal that's actually solid -- and it's for a current-gen GPU. At Newegg, you can pick up the , which is the lowest I've ever seen this GPU go.

As you can read in my RX 7800 XT review, it's still one of the best graphics cards you can buy. It handily beats Nvidia's RTX 4070, and it can go toe-to-toe with the $600 RTX 4070 Super, at least in games without ray tracing. The card also comes with 16GB of VRAM, which is quite a large pool of video memory, considering the price.

Read more
The best Black Friday deals under $50 you can still shop now
black friday deals under 50 amazon fire tv stick 4k max review 16 f7e0c7

Black Friday has officially ended, but a lot of Black Friday deals are still going strong. As the tradition goes, it's the best time of the year to shop and score major savings, making it the perfect time to get gifts for everyone on your list. The best part is that you can keep shopping as it looks like these offers will stay for a while.

We know that you want to buy some things for yourself that don't break the bank or to use this time to stock up on reasonably priced gifts. Here, everything is $50 and under, making it a perfect gift list for people who are our typical Digital Trends readers.
Blink Outdoor 4 Wireless Security Camera — $40 $100 60% off

Read more
You need to buy this 2TB Steam Deck SSD, which is $125 off for Cyber Monday
Thermal shield for the Steam Deck SSD.

If I didn't already upgrade my Steam Deck with a 2TB drive, I'd be buying the Crucial P310 on Cyber Monday. This is one of the best deals I've seen all of Cyber Monday, frankly, and if you have a handheld gaming PC like the Steam Deck or ROG Ally, you owe it to yourself to upgrade the storage for a great price.

You can grab the for $140 right now. Regardless of how you look at the sale, it's a great deal. That's $125 off the list price, or 47% off, and it's significantly cheaper than the competition. The WD Black SN770M, for example, is $180 for 2TB, and that's a Cyber Monday deal. Crucial's deal is by far the best one I've seen.

Read more