PolloCrypt: New Breaking Bad Ransomware

Ransomware is a type of malware that blocks your computer, files or a certain service until you pay a ransom. There have been many types of ransomware, including cryptographic ones that encrypt your hard drive and deny you access to your files until you pay a ransom in Bitcoin.

The new ransomware, PolloCrypt, references one of the most popular TV shows of all time, Breaking Bad. It uses the logo of Los Pollos Hermanos, the fast food chain owned by a drug lord in the show. If you get infected, PolloCrypt will encrypt all your files with a private key that only the malware authors have. The ransomware makers ask you to transfer money via Bitcoin, and they use a two-tier payment method seen in many other ransomware families before. Two-tier payment means that a victim can pay around $350 USD immediately, but if the victim chooses to wait longer the price goes up to around $780 USD.

The lock screen image is embedded in the malware as a base64-encoded BMP file, meaning that the malware will still work even if you are offline.

PolloCrypt, which SophosLabs identifies as Troj/LPoLock-A, is written in Microsoft PowerShell, a high-level scripting language, which means anyone can modify the code.
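For triage, a base64-encoded BMP of the kind described above can be located in a suspect script without running it. The following Python is an added example, not code from the original article or from the malware; the function names and the sample script are constructed, and it assumes the image sits in the script as one contiguous base64 string.

```python
import base64
import re
import struct

# Contiguous base64 runs long enough to hold at least a BMP header.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")

def find_embedded_bmps(script_text):
    """Return one dict per base64 run in script_text that decodes to a BMP."""
    findings = []
    for m in B64_RUN.finditer(script_text):
        blob = m.group(0)
        # "BM", the BMP magic, always encodes to the base64 prefix "Qk".
        if not blob.startswith("Qk"):
            continue
        try:
            data = base64.b64decode(blob + "=" * (-len(blob) % 4), validate=True)
        except ValueError:  # not valid base64 after all
            continue
        if len(data) < 30:
            continue
        # BITMAPFILEHEADER (14 bytes) followed by the start of the DIB header.
        magic, file_size, _, _, _ = struct.unpack_from("<2sIHHI", data, 0)
        dib_size, width, height, planes, bpp = struct.unpack_from("<IiiHH", data, 14)
        if magic != b"BM" or dib_size < 40 or planes != 1:
            continue
        findings.append({
            "offset": m.start(),                # position of the blob in the script
            "width": width, "height": abs(height), "bpp": bpp,
            "size_ok": file_size == len(data),  # declared size matches payload
        })
    return findings

def build_sample_script():
    """Constructed test input: a 2x2 24-bit BMP embedded in a script-like line."""
    pixels = bytes(16)                          # 2 rows, each padded to 8 bytes
    header = struct.pack("<2sIHHI", b"BM", 14 + 40 + len(pixels), 0, 0, 54)
    dib = struct.pack("<IiiHHIIiiII", 40, 2, 2, 1, 24, 0, len(pixels), 0, 0, 0, 0)
    image = base64.b64encode(header + dib + pixels).decode()
    decoy = base64.b64encode(b"constructed non-image data, " * 3).decode()
    return f'$note = "{decoy}"\n$screen = "{image}"\n'

if __name__ == "__main__":
    for hit in find_embedded_bmps(build_sample_script()):
        print(hit)
```

A script file that carries a full-screen bitmap as text is unusual for administrative PowerShell, so a hit with large dimensions is a useful signal to escalate the file for analysis.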

Recommendation: Since cryptographic ransomware is on the rise, we at Security Zap recommend:

  • Regularly update your software and operating systems
  • Back up your files
  • Don’t download and open suspicious files
  • Encrypt your hard drive with strong encryption

