CyberNews Briefs

FBI warns of ProLock ransomware decryptor not working properly

The FBI has issued an alert warning the public that the ProLock ransomware decryptor does not work to secure data in the event of a ransomware attack. Earlier this month, the FBI released a flash alert informing organizations of the new threat actor, stating that it targets US healthcare, government, financial, and retail entities. With the ProLock ransomware, files larger than 64MB will likely be corrupted during the decryption process.

The FBI stated that the malware originated as PwndLocker in 2019, however, it typically targeted business and local governments at the time. The FBI adds that integrity loss of 1 byte is possible with files over 100MB and additional work is necessary to make the decryptor work properly, causing an increase in downtime of an organization even if they agree to ransom demands. Cybersecurity company Group-IB has stated that ProLock has joined forces with QakBot banking trojan, contributing to the ransomware’s ascension.

Read More: FBI warns of ProLock ransomware decryptor not working properly

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.