https://meltedinhex.com/tags/lockcrypt/ Recent content in LockCrypt on Melted in Hex https://meltedinhex.com/images/og-social.png https://meltedinhex.com/images/og-social.png Hugo en-us Fri, 01 Dec 2017 04:43:00 +0530 https://meltedinhex.com/posts/analysis-of-lockcrypt-ransomware/ Fri, 01 Dec 2017 04:43:00 +0530 https://meltedinhex.com/posts/analysis-of-lockcrypt-ransomware/ <p><strong>Introduction:</strong></p> <p>Attackers have been recently breaking into corporate servers via RDP brute force attacks to spread a new variant of ransomware called LockCrypt. The attacks first started in June but there was an increase of attacks in October. The victims were asked to pay 0.5 to 1 BTC to recover their server.<br> LockCrypt encrypts all files and renames them with a &lsquo;.lock&rsquo; extension. It also installs itself for persistence and deletes backups.</p>