December 12, 2008
Doctor Web reports on discovery of a new Trojan — Trojan.Locker.8 — that emerged on the Internet on December 9, 2008. This malicious program blocks access to files and folders on a hard drive and offers a victim to contact authors of the malware for instructions to regain access to their information
The two megabyte Trojan file packed by ASPack is rather large for malware When the Trojan is launched, a key generator Window appears on the screen. While the window has nothing to do with actual activities of the malicious program, it shows that Trojan.Locker.8 can be disguised as a key generator designed by crackers to activate software products by Adobe Systems.
Once launched Trojan.Locker.8 renames files and folders on all disk partitions except the system partitions. New file names violate Windows file naming standards so files become inaccessible even though their content is unchanged. After that the program creates its copy (answer.exe) on the desktop and on all partitions containing inaccessible files. Running the file shows a warning message that informs a user that his data has been locked and offers to contact offers of the Trojan to unlock using contact information provided in the message.
Files on the system drive also become inaccessible including files placed in my documents and on the desktop even though the virus makers claim that no changes are done to the system drive..
Doctor Web offers a free utility to unlock access to files in a system compromised by the Trojan. It can be downloaded from the official web-site of the company. Doctor Web strongly advises against contacting the virus makers.
Tell us what you think
To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.
Other comments