Updated TorrentLocker Ransomware Capable of Stealing Login Credentials

One of the most disconcerting cybersecurity headlines this week revolves around TorrentLocker resurfacing all of a sudden. This ransomware strain was believed to be defunct since 2015, yet nothing could be further from the truth. Not only will the revamped TorrentLocker encrypt files, but it is also equipped with tools to steal login credentials.

TorrentLocker Is Back, Unfortunately

As if the growing number of ransomware threats is not enough to worry about, criminals are now bringing defunct types of malware back from the dead. Although no one ever said TorrentLocker malware disappeared, the ransomware strain has not been heard of since 2015. That was until earlier this week, as researchers discovered a newer version on TorrentLocker which aims to cause even more havoc than before.

It has to be said, the TorrentLocker malware has surfaced under different names prior to 2015. Most people may know it as the CryptoLocker ransomware, which targeted Windows users since early 2014. In the summer of 2015, however, neither TorrentLocker nor CryptoLocker was ever heard from again. To this date, it remains unclear what happened exactly or why this malware type fell out of favor all of a sudden.

It appears the TorrentLocker developers were working hard on implementing new features into the malware. The recent version will encrypt computer files and any information stored on network-attached devices. However, the real threat is how the new TorrentLocker will also steal login credentials for any and all services one uses.

To make matters even worse, Torrentlocker is now capable of sharing itself to other computers through shared files. It is likely this will eventually allow the ransomware to take over entire computer networks and collaborative projects. A very disturbing development, albeit not one that is entirely unexpected. Malware distributors want to infect as many computers as possible. This also means the harvesting of credentials can spread to these other computers, putting a lot of consumers and enterprises at risk.

Distributing TorrentLocker has become the new top priority for a lot of cyber crime gangs, by the look of things. Heimdal Security researchers noted the distribution campaign is “very aggressive”. Keeping in mind how most antivirus software tools can’t protect against the malware right now, things could get very problematic in a short amount of time. Engineers are working on a solution to nullify the threat, albeit the process may take weeks or months to complete.

The most recent TorrentLocker distribution campaign is seemingly aimed at Danish computer users. That is rather intriguing, although it is not the first time European internet users are the primary target for TorrentLocker distributors. Italy especially has become a high-profile region for malware attacks. Rest assured this will not be the last we hear of the revamped TorrentLocker.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.