File-Locker Ransomware Targets Korean Victims Seeking 50K Won

Infamous File-Locker Ransomware is Once again in news for wrong reasons…

File-Locker Ransomware is specifically targeting Koreans and infecting their PC. What is most shocking that it is demanding a hefty sum of 50K as ransom amount leaving a note requesting 50 K won which comes approximately to 50 US Dollars. File-Locker Ransomware is yet another member of ransomware family that is mainly targeted System users in Korea and Czech Republic as a Hidden Tear variant. But it does not mean that it cannot infect your Windows System or other countries System users are safe. Although, some of the security analysts are identified it as the UserFilesLocker Ransomware, Czech-o-Slovak Ransomware or Czech/Slovak Ransomware. The name of this ransomware comes from it’s ransom note which launches just after the file encryption on Windows machine. When it infect your System, it will leave the ransom note on desktop screen requesting approximately 50 USD or 50,000 Won in order to get files back. If you want to know more about the ransom note then go through it’s wikipedia link.

Know More About The File Encryption Procedure of File-Locker Ransomware

Similar to the traditional ransomware, File-Locker Ransomware often penetrates inside the Windows System secretly. Upon the infiltration, it scans PC to target specific file. After detecting files, it uses the combination of strong AES-256 and RSA-2048 file encryption algorithm. The encrypted file of such a ransomware can be noticed easily because it renamed the original file by adding ‘.locked’ file extension. It is capable of targeting various file types. When performing the encryption procedure completely, it create a ransom note and displayed on desktop screen which entitled as “Warning!!!!!!.txt”. See the text that presented in the ransom message of File-Locker Ransomware :

Detailed Information About The Ransom Note Displayed By File-Locker Ransomware

The ransom note is displayed in the both language Korean and English that demands victims for 50,000 won in the bitcoin as the ransom payment. Curiously, the bitcoin address mentioned in Korean portion is for the seized account as part of Silk Road take-down. But you must avoid to contact with the cyber hacker because ransom note is just only a tricky thing used by the group of cyber hackers to earn online money. Keep a note that this ransomware can be decrypted using ‘dnwls07193147’ password. If anyone becomes victim of such a ransomware then they can easily decrypt their files using this password.

Infiltration Channels of File-Locker Ransomware

File-Locker Ransomware follow the same infiltration way as other ransomware do. It secretly infect Windows System when System user opened any malicious attachment, installed any cost-free programs, download any cost-free packages or pirated software, visit any hacked website, use any contaminated USB drive or device, update software through redirected links and much more. However, the creators of this ransomware uses lots of deceptive and tricky way to infect System without any notice. It’s infiltration channels may always changes time-to-time but the main source of its infiltration remains same that is the use of Internet. That’s why, you should be cautious while surfing the web.

Healthy Safeguard Tips Against File-Locker Ransomware

  1. Use an excellent computing habits and the security software.
  2. Don’t open any attachment that sent by unknown hackers to your inbox.
  3. Use strong and unique passwords to secure your accounts.
  4. Keep a backup copy of your stored data on the regular basis.
  5. Use always upgraded Operating system and updated version of installed application.
  6. Be cautious while performing the installation wizard and much more.

Regarding Locker Ransomware Removal Guide, You May Visit –

Leave a Comment

Your email address will not be published. Required fields are marked *