What is WastedLocker Ransomware?
WastedLocker Ransomware is a highly targeted type of ransomware typically used to attack large U.S. organizations. Once it infects a system, the ransomware creates encrypted filenames which include the term “wasted” and an abbreviation of the victim’s name. As with any ransomware, the goal is to infect a system or network, encrypt files, and hold them for ransom. WastedLocker is associated with the Evil Corp malware group. Unlike some forms, it initially has not been associated with exfiltration and auction of stolen data.
How to Recognize This Threat: As WastedLocker is highly targeted, it is also customized to surpass each target’s defenses. One common method to initially gain entry is the usage of a fake software update alert embedded in existing websites.
How to Prevent This Threat: WastedLocker is trickier than many ransomware variants in both its targeted nature and its ability to evade even behavior-based monitoring long enough to infect a system or network. Certainly one method to prevent the threat is to avoid clicking suspicious popups. Additionally as with any ransomware, regular backups including offline backups of files can allow for quick restoration of encrypted information. And any security setup should cover multiple bases, including firewalls, email security, endpoint protection, & security service subscriptions.