Security researchers have uncovered evidence of a new piece of malware that may be able to take gigabytes' worth of data hostage unless end users pay a ransom.
Discussions of the new malware, alternately dubbed PrisonLocker and PowerLocker, have been occurring on underground crime forums since November, according to a blog post published Friday by Malware Must Die, a group of researchers dedicated to fighting online crime. The malware appears to be inspired by CryptoLocker, the malicious software that wreaked havoc in October when it used uncrackable encryption to lock up victims' computer files until they paid hundreds of dollars for the decryption key.
PowerLocker could prove an even more potent threat because it would be sold in underground forums as a DIY malware kit to anyone who can afford the $100 for a license, Friday's post warned. CryptoLocker, by contrast, was custom built for use by a single crime gang. What's more, PowerLocker might also offer several advanced features, including the ability to disable the task manager, registry editor, and other administration functions built into the Windows operating system. Screen shots and online discussions also indicate the newer malware may contain protections that prevent it from being reverse engineered when run on virtual machines.