New LokiLocker ransomware can wipe your entire PC

Arif Bacchus


It’s a dangerous time to own a PC as security researchers have found yet another type of ransomware making the rounds on the internet. Known as “LokiLocker” this new ransomware is so bad that it can wipe your entire PC if you refuse to pay up (via Windows Central.)

As detailed by BlackBerry Threat Intelligence, the new malware strain has been around since August 2021. What it does is once it is installed on your PC, is it looks for files to encrypt, and then demands you pay a ransom to unencrypt the files. The files are encrypted with a standard combination of AES for file encryption and RSA for key protection. If you don’t pay up within the disclosed timeframe, all your non-system files will be deleted and the MBR of your system overwritten.

It’s unknown where LokiLocker is coming from, but it’s written in English, which security researchers have found strange. Victims of LokiLocker are scattered around the world, though mainly in Eastern Europe and Asia. BlackBerry Threat Intelligence also believed that the tools used to make LokiLocker are developed by an Iranian cracking team called AccountCrack.

However, this can’t be used to determine the origins. For more details, and a deeper dive into the technicalities of LokiLocker, check out the BlackBerry Threat Intelligence blog. And remember, always be aware of the links you click, and be sure to use Windows Security Center, and turn on Controlled folder access in Windows, or use OneDrive to have the chance to recover your files in the event of a ransomware attack.