A relatively new Ransomware, LokiLocker, uses the standard extortion-through-encryption racket but also incorporates disk-wiper functionality.
Double extortion soared in popularity last year, with ransomware gangs stealing files before encrypting them to threaten victims with a sensitive data leak if they didn’t pay up.
BlackBerry Threat Intelligence is warning that LokiLock, first seen in August 2021, now features an “optional wiper functionality” to put increased pressure on victims.
Instead of using the threat of leaking a victim’s files to pressure them into paying, cybercriminals that use LokiLock’s customers threaten to overwrite a victim’s Windows Master Boot Record (MBR), wiping all files and rendering the machine unusable. But that tactic effectively ends all negotiations about payment, of course.