‘Sleeper’ Locker ransomware comes alive, infects hundreds

exploit
A new strain of ransomware that has been lying dormant on PCs was activated this week by its authors, catching users by surprise. The “sleeper” malware, which encrypts users’ files and holds them for a fee or ransom, appears to have infected computers several months ago but remained inactive until now.

According to security firm KnowBe4, the ransomware, dubbed Locker, was activated at midnight on Monday May 25 and caught users by surprise. Members of the Bleeping Computer forums were some of the first to notice the ransomware with several infected users calling out for help as well as posting screenshots of their ransom messages.

“As of yesterday, I found out I have been infected with some kind of ransomware. I spent all night trying to find a solution but nothing bare [sic] fruit…,” wrote one user, who tried using FireEye and Fox-IT’s Decryptolocker solution but to no avail.

Locker is very similar to the infamous CryptoLocker, says KnowBe4 CEO Stu Sjouwerman, and the new malware may have stemmed from a “compromised MineCraft installer.” It represents a new tactic from malware authors where the ransomware sits dormant for some time before being activated. Typically, ransomware encrypts a user’s files as soon as it is downloaded.

Locker17

“Warning any attempt to remove damage or even investigate the Locker software will lead to immediate destruction of your private key on our server!” read some of the notices shared on Bleeping Computer. Locker demands 0.1 Bitcoin, which at the time of reporting is worth about $23. There are reportedly hundreds of users infected at this point but no word on if anyone has paid.

The ransom that Locker is demanding is actually quite small. Most ransoms ask for about $500 worth of Bitcoin. A recent report from FireEye pointed out that some cyber-criminals are actually willing to lower their prices. Lowering prices and making it easier to pay up allows them to target more users for smaller paydays each rather than hoping for one large ransom. With Locker lying dormant and unnoticed for months, this allowed the cyber-criminals to amass a hefty number of infected computers before encrypting any files.

Cases of ransomware have grown significantly over the last year on both PC and mobile, and there are even cases of police departments paying up to get their encrypted files back. Paying the ransomware can be a tricky situation, and most security pros advise against it. In most cases, the cyber-criminals will actually decrypt the files once the money is received, but this is never a guarantee; there have been incidents of criminals simply taking the money and running.

Locker is just another member of this growing malware family now. “At this very early time after the initial discovery, things are still somewhat murky, but we will keep you in the loop about any developments,” adds Sjouwerman.

Emerging Tech

How Super Mario, Magic: The Gathering, and PowerPoint are low-key supercomputers

What if the creators of Super Mario World, PowerPoint, and even Magic: The Gathering had accidentally created tools hiding a general-purpose computer in plain sight? Turns out they have.
Movies & TV

The best shows on Netflix right now (May 2019)

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Gaming

Minecraft Earth hands-on preview: The next big AR craze Is coming

Minecraft Earth is a new mobile augmented reality game from Microsoft that has Pokémon Go dead in its sites. The cute monster collect-them-all started the genre, but Minecraft Earth hopes to redefine it.
Emerging Tech

How facial recognition is changing life as we know it – for better or worse

From the police to ad agencies, everyone is investing in state-of-the-art facial recognition technology. What does all of this mean for ordinary citizens? Digital Trends took a look.
Computing

Is Threadripper dead? If so, AMD has made a huge mistake

Think Threadripper is dead? Think again. AMD's flagship CPU line might not be on this year's roadmap, but it's not dead and could well bring some amazing new enhancements when it returns.
Social Media

6 easy ways to archive all of your favorite Instagram videos

Saving Instagram videos should be just as easy as taking a screenshot. So, we've put together a list of the best apps and tools that save your favorite Instagram videos onto your phone or computer.
Product Review

Microsoft’s Surface Laptop 2 launched last year, but already feels old

Released in fall of 2018, the Surface Laptop 2 was competitive at the time but now must deal with new competitors that were announced at CES 2019. How does the popular Surface Laptop 2 hold up six months later?
Computing

Cybercrime gang that stole $100M busted in international effort

A major cybercrime gang that used powerful malware to steal an estimated $100 million from bank accounts has been dismantled following an international effort that spanned six countries.
Computing

G-Sync is a game-changer. These are the best monitors with Nvidia's display tech

Looking for a monitor that plays well with Nvidia GPUs? You need G-Sync and we have picked the best G-Sync monitors available. Take a look and find out which monitor works best for your PC upgrade.
Computing

Microsoft is discounting this Surface Laptop 2 by a sweet $300

Microsoft is offering a nearly 14-inch Surface Laptop 2 with 256GB of storage at a $300 discount until May 18, 2019. The laptop comes with a PixelSense display, and Intel Core i5 processor and a 720p HD camera.
Product Review

Looking for discrete graphics on the cheap? The Acer Swift 3 will do the trick

The Acer Swift 3 is a tweener laptop that’s not quite budget and not quite premium – and it feels and performs accordingly. It manages to hold its own, though, thanks to its discrete GPU.
Computing

The Razer Core X Chroma is the best external GPU you can buy

The third entry in Razer's lineup of external graphics card enclosures, the Core X Chroma, brings together the best of its previous options in a single package. With RGB lighting and extra USB ports, is this the best you can buy?
Computing

Google recalls Titan Security Key due to hijack risk

Google is offering a free replacement for the Bluetooth Low Energy version of the Titan Security Key. A misconfiguration was discovered in the device, though hackers looking to exploit the vulnerability will find it difficult to do so.
Computing

Whether you want to edit, sign, or append, PDFs, these are the best PDF editors

While there are plenty of PDF editor options online, finding a solution with the tools you need can be tough. Here are the best PDF editors for your editing needs, no matter your budget or operating system.