ProLock Ransomware

Detected in March 2020, ProLock.Ransomware is a newly identified “human-operated” file-encrypting windows strain. ProLock is the successor of another ransomware strain “PwndLocker” that had a flaw in its code, which lead victims to decrypt data without having to pay a ransom.

The designers of the malware upgraded the malicious code of PwndLocker and renamed it to ProLock. Since its first identification, ProLock has seen hitting global organizations. Besides, the malware is reportedly targeting healthcare organizations, retailers, financial institutions, and government entities.

Researchers found that even after paying a ransom, the decryptor of ProLock ransomware could contaminate internal files of a system.

Read SISA’s security advisory to understand the history, background, and recent developments concerning ProLock Ransomware.

The advisory covers complete details about the attack patterns, Indicators of Compromise (IoCs) of the ransomware. Then, it gives a few security best practices to occlude ProLock from intruding into information systems and illegal data encryption.

Get your copy now!

Advisory - ProLock Ransomware

First Name *

Last Name *

Company Name *

Designation

Work Email *

Contact No.

Country *

SISA is a forensics-driven cybersecurity company that helps secure businesses with robust preventive, detective and corrective security services and solutions. SISA offers products and services for risk assessment, security compliance and validation, monitoring and threat hunting, as well as training for various payment security certifications.

Industry recognition by CREST, CERT-In and SWIFT serves as a testament to our skill, knowledge, and competence.

With 2,000+ clients spread across 40+ countries, we leverage our learnings to provide true security, fanatic support and real business value to our customers.