Know Your Ransomware Attacks Part I: Locker Ransomware
In the first of this two-part series, we take a closer look at how to recognize a Locker ransomware attack and, more importantly, how to defeat it.
This is the first story in a two-part series dealing with the different types of ransomware impacting businesses. Today’s installment focuses on Locker ransomware.
Presently, the Interent is seeing two types of ransomware attacks, Locker ransomware and Crypto ransomware. We’ll take a closer look at Crypto ransomware in a future piece, but today let’s focus on Locker ransomware, which is not as dangerous if you know how to handle the attack.
- RELATED: Get educated on the increasingly sophisticated tricks hackers are using to enhance their ransomware attacks.
How to recognize Locker ransomware
Locker ransomware usually attacks an individual computer when the user visits a compromised website. The user will receive a screen pop up stating that Microsoft, Apple or some other support entity has detected viruses on the computer. The message also states the user should not shut down the computer as all data will be lost. The “Do not shut down” request is usually strongly suggested. It also provides a phone number, usually toll free, for the user to call in order to establish a support session with a service technician. If you attempt to cancel the pop up, it immediately returns. Your computer is virtually locked up and not usable.
If the phone number is called, a service technican will attempt to estabish a remote session into the supposed infected computer. They will ask for credit card information and other information in order to allow the service technician to open a service session, sell you anti-virus and clean up the situation. They may also load software on the computer.
How to defeat Locker ransomware
The solution to Locker ransomware is simple: Shut off the computer. Do not re-start, but rather perform a complete shut down. You may not be able to perform a Windows shut down using software commands and if that is the case, perform a hard shut down by pressing and holding the computer’s power button. The computer is not usable as the cyber-criminal has it locked up via the connection to your computer. Shutting down breaks that connection and the cyber-crimminal loses his or her lock capability. Then restart normally and the pop up will not re-appear. Run a virus scan to be sure everything is normal.
In summary, if you get hit with Locker ransomware do not panic and do not make that phone call. Simply shut down the computer and restart normally and all shold be fine.
Steve Giordano is president of TeamLogic IT. Learn more about the company by clicking here.