New “Heroes of the Storm” Ransomware is Based on HiddenTear

Ransomware can come in many different forms, sizes, and shapes. Every now and then, a unique version pops up which attracts some form of attention. RestoLocker is a malware type currently still in development. It is based on the HiddenTear family, which has been making the rounds for some time now. The Heroes of the Storm theme will turn quite a lot of heads, though.

RestoLocker Can Become a Problematic Malware Type

As is the case with any in-development type of malicious software, not too much is known about it in its current form. At least one ransomware sample has already been identified by security researchers, and it reveals some interesting features. Perhaps the most noteworthy is how it aims to ride the coattails of the popular online game Heroes of the Storm. This entire ransomware variant is themed around this particular game, and it even uses the name to rename encrypted files.

While Heroes of the Storm is a very popular online game – especially in eSports – it has nothing to do with RestoLocker itself. For some reason, the latter’s developer assumed it would be funny to use this brand as a way to add some more color to the lock screen and the ransom note. Not too long ago, we came across a new ransomware version which used the Death Note theme. Criminals are struggling to come up with something new under the hood, so they often resort to using known brands as a way to attract attention.

RestoLocker currently renames encrypted files to the .HeroesOftheStorm extension. Once again, this has nothing to do with the game or its developers whatsoever. It is possible this malware was created to target specific HoTS players, though, as that would explain a thing or two. This is only speculation at this point, and it is unclear what the objective of this malware is in the long run. It is doubtful this new ransomware will impact the game’s reputation in any significant manner.

Preliminary research shows that RestoLocker is based on the HiddenTear ransomware family. In fact, a few dozen HiddenTear “clones” pop up every single week. This particular version caught our attention due to the Heroes of the Storm references, even though it does not seem to pack anything noteworthy under the hood. That does not mean this malware should be dismissed out of hand, but it is not something most people will give a second look unless they become infected.

It remains unclear exactly how this malware is distributed. Spam email campaigns seem to be the most likely culprit, although it can also be packaged as a drive-by download on gaming websites. So far, the number of samples remains fairly limited, which indicates the actual distribution of this malware has yet to begin. It will be interesting to see how this software evolves once it passes the development stage. For now, it is impossible to tell if and when that will happen.

While most ransomware types demand a Bitcoin payment, there is no indication RestoLocker will do the same. We have seen some malware types demand payments through gift cards, iTunes codes, and the like. With so many unknowns regarding RestoLocker right now, its future remains uncertain. The references to Heroes of the Storm are quite worrisome, although mostly harmless for the time being.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.
