- Apr 13, 2013
- 3,151
As I'm still on the road, just a quickie on some Winlocky ransomware that has been showing up recently.
My thought exactly.A good test but not the results i was expecting some work needs doing.
OK so where is the update????Guys- It turns out that I didn't give this malware time enough to work its work. In a number of ways it is one of the nastiest (most cool) malware types I've seen. Not only did it eventually encrypt Documents, it also acts like a Fortress on steroids.
It also seems to have one other novel attribute that I still have to check on as I've seen it but can't believe it. Looks like I won't have time to eat today (it doesn't get any better than this!).
I will be publishing a Part 2 video this weekend. But what I thought I saw in the code was that the malware was machine specific (as to the ransom timing span); fortunately it wasn't that at all, which is a very good thing.