The New “Heroes of the Storm” Ransomware


Ransomware continues to spread across the internet in many different variants. RestoLocker is one such variant, still in development and derived from the HiddenTear family, which extorts victims by demanding a ransom in exchange for unlocking their encrypted content.

RESTOLOCKER CAN BECOME A PROBLEMATIC MALWARE TYPE

As with any malware still under development, not much is known about it in its current form. At least one ransomware sample has been identified by security researchers so far, and it reveals some interesting features. Perhaps the most important is the way it tries to ride on the popularity of the online game Heroes of the Storm. The entire ransomware variant is themed around this game, and it even uses the name when renaming encrypted files.

While Heroes of the Storm is a very popular online game, particularly in eSports, it has nothing to do with RestoLocker itself. For reasons unknown, the developer thought it wise to use this brand to add some color to the lock screen and the ransom note. Not long ago, we came across another ransomware strain that used the Death Note theme. Criminals are trying to come up with something new, so they often resort to using known brands as a way to draw attention.

RestoLocker currently renames encrypted files with the “.HeroesOftheStorm” extension. However, this has nothing to do with the online game or its developers. It is possible this malware was created to target HoTS players specifically, as that would explain a few things. This is mere speculation for now, and it is unclear what the long-term goal of this malware is. It is doubtful this new ransomware will affect the game’s reputation in any significant way.

Research shows that RestoLocker is based on the HiddenTear ransomware family. A few dozen HiddenTear “clones” pop up every week. This particular version caught our attention because of the Heroes of the Storm references, even though it doesn’t appear to pack anything noteworthy under the hood. That does not mean this malware should be dismissed out of hand, but it is not something most people will give a second look unless they become infected.

It remains a mystery exactly how this malware is distributed. Spam email campaigns seem to be the most likely culprit, although it could also be packaged as a drive-by download on gaming websites. So far, the number of samples remains fairly limited, which indicates the real distribution of this malware has yet to begin. It will be interesting to see how this software evolves once it moves to the next stage of development. For now, it is hard to tell whether and when that will happen.

While most ransomware types demand a Bitcoin payment, there is no indication RestoLocker will do the same. We have also seen other such malware demand payment through gift cards, iTunes codes, and so forth. With so many unknowns regarding RestoLocker right now, its future remains unpredictable. The references to Heroes of the Storm are quite troubling, but we are safe for the time being.

Julia Sowells

Julia Sowells has been a technology and security professional. With a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, written technical articles, and worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm as a security consultant while continuing to write for Hacker Combat in her limited spare time.
