Bitcoin Ransomware Education: InfinityLock

Ransomware developers have to come up with new tricks and features every now and then. That is much easier said than done, however. InfinityLock is one of those malware types that offers some degree of innovation, although it may not be overly successful in the end. More specifically, it doesn’t encrypt files quietly in the background, but rather appears to issue commands in a command prompt window. Despite the visual improvement, files encrypted by this malware strain can be decrypted with relative ease.

InfinityLock Has a Unique Lock Screen but Poses No Threat

Ransomware concoctions such as InfinityLock raise more questions than answers right now. Its source code is based on a decryptable ransomware family, which means it poses no legitimate threat whatsoever. It is baffling why anyone would want to reuse such code in the first place, as it serves no real purpose. Then again, not all victims are aware of which types of malware can be decrypted without paying money.

That doesn’t mean InfinityLock has no unique features, though. In fact, it does something we haven’t seen any other type of ransomware do so far, although that doesn’t mean it is worth paying much attention to. As most people are well aware, every type of ransomware has its own type of lock screen. In most cases, said lock screen is used to inform victims that their files were encrypted and what they must do to restore file access.

InfinityLock, on the other hand, offers some visual improvements in this regard. Rather than displaying a bland and static message, the developers found a way to make people think the lock screen actually performs specific commands to encrypt files. It’s an unusual development, to say the least. Uneducated victims may think a hacker has worked their “magic” through this fake Windows command prompt window, although that is not the case whatsoever.

Do not be mistaken in thinking this malware is completely harmless, though. It will still encrypt all files on your computer and append a custom extension to every file in the process. However, as the files can be decrypted free of charge, there is nothing to actually worry about. It is unclear which malware it is based on exactly, but anyone who gets infected by InfinityLock should be more than capable of decrypting their files without making any sort of payment.

Moreover, it does not appear the ransomware even asks for a Bitcoin payment in the first place. There is no indication of InfinityLock demanding any form of money when the encryption process is completed, which is even more surprising these days. After all, one has come to expect a demand for either Bitcoin or another cryptocurrency. All of this adds to the mystery of InfinityLock as a whole, and specifically what purpose it may serve in the end. Right now, that is still a big uncertainty, to say the least.

All things considered, using a fake Windows Command Prompt is pretty significant, albeit rather useless in the case of InfinityLock. Some developers continue to struggle when it comes to keeping their creations relevant, which forces them to explore less prominent features such as lock screen updates. Luckily, it doesn’t appear InfinityLock is being distributed on a large scale right now. The world of ransomware never ceases to amaze; that much is certain.