FBI warns of ProLock ransomware decryptor not working properly

Bleeping Computer

Ionut Ilascu

Multiple actors in the ransomware business saw the new coronavirus pandemic as the perfect opportunity to focus on an already overburdened healthcare sector. ProLock is yet another threat to the list.

The FBI‌ issued a flash alert at the beginning of the month to alert organizations of the new threat actor, saying that its targets in the US include entities in the following sectors: healthcare, government, financial, and retail.

Decryptor malfunction
The FBI does not encourage giving in to the demands of any ransomware actor. Doing so would only increase their confidence to continue such attacks.

With ProLock, the decryptor is not working properly and data will be lost. Files larger than 64MB may become corrupted during the decryption process.

Integrity loss of 1 byte per 1KB is possible with files over 100MB and additional work may be needed to make the decryptor work properly. This issue will increase the downtime of an organization even they agree to the actor's demands.

The malware started as...

Get the Morning Update

Thanks for subscribing!