TorrentLocker is ransomware using components of CryptoLocker and CryptoWall for deceptive purposes. The code, however, appears to be completely different from that of the Cryptos’.
How Does TorrentLocker Infect Your System?
Like typical ransomware, TorrentLocker infects your system via spam, after which it injects a malicious component capable of encrypting files via Rijndael algorithm. Your system becomes locked, and a message demanding payment in Bitcoins in exchange for your decrypted files appears.
In the beginning, TorrentLocker was using a simple XOR encryption method. However, people who ran into it, started blogging about it, and thus the malware developer behind TorrentLocker was forced to strengthen the encryption using AES. As a result, one of the main TorrentLocker decrypters – Nathan Scott, has stopped working on this ransomware.
Security experts have a reason to believe that TorrentLocker either targets Australian systems or it has been created by someone living in Australia as he or she has used the currency and websites from there.
According to them, the malware uses ransom messages similar to CryptoLocker’s, and design – similar to that of CryptoWall. This way, TorrentLocker can and will take advantage of the tactics used by the Cryptos’. And, although TorrentLocker doesn’t use any new techniques compared to other known ransomware, it may –accidently or intentionally – inherit the notoriety from them by mocking components of other ransomware like the Cryptos’.
Does TorrentLocker Have a Future?
It is clear by now that TorrentLocker does not present any new capabilities. Yes, ransomware experts find its approach of simulating the Cryptos’ interesting; however, they are skeptical about its growth as it has no new features on its own. Therefore, experts say that TorrentLocker is effective enough at the moment and will probably not be developed further in the near future. After all, it is perfectly beneficial for its creators the way it is now.
Malware experts also believe that low enforcement is even likely to shut it down in the near future as TorrentLocker is not active without an Internet connection and is not using advanced cryptography methods.