UK’s NFIB Issues Warning on TorrentLocker Ransomware

The UK’s National Fraud Intelligence Bureau (NFIB) has warned the public after a spate of attacks involving TorrentLocker, one of several forms of crypto-ransomware.

Victims have received e-mails posing to originate from British Gas, Ministry of Justice or Home Office. The messages contain links to view supposed billing or ‘court case’ information. In a recent twist, recipients are asked to fill in the CAPTCHA field with the code provided, after which TorrentLocker is downloaded onto the computer.

Join the iFX EXPO Asia and discover your gateway to the Asian Markets

The malware proceeds to encrypt all files on the machine and any server it is attached to, demanding a ransom of £330 in bitcoin.

Bitcoin is ideal for ransomware, as it is nearly impossible to trace to the cyber-thief and cannot be seized by law enforcement or banks.

The agency has warned the public never to open attachments from unsolicited e-mails. Instead of clicking on links, recipients should navigate on their own to the relevant website to check out the supposed information. In addition, should one’s PC become infected, it should be disconnected from the network immediately to prevent the malware from spreading.

Once files are locked, they can’t be decrypted unless the keys have been discovered, such as how Kaspersky did for CoinVault.

Last month, the FBI issued a similar warning, noting that victims have lost a total of $18 million.