LockCrypt Ransomware Introduces Weaknesses Leading to Data Recovery
Target: Systems with weak security.
Attack Vector: Encryption.
Summary: LockCrypt ransomware has been lying low since June 2017 with updates making an appearance every couple of months. Researchers have recently discovered a weakness in the code, along with the possibility to recover data in some cases. The ransomware is often used by amateur attackers as the code is created for manual distribution so they are focused on a fast and easy gain in to the victims system.
Risk assessment summary: The threat is assessed as 4d LOW and the likelihood has been rated as POSSIBLE. Although the LockCrypt code has several weaknesses, if successful, it is able to encrypt files, resulting in data loss and the potential to pay a ransom to retrieve the files. LockCrypt has been manually created and therefore contains faults in the encryption process and the exploitation of the malware.