The security researchers from F-Secure have found a new type of ransomware. The ransomware has been titeld OphionLocker. OphionLocker tries to lure the victimized users to an website which is only accessible via the TOR browser. The OphionLocker encrypts all the files on the computer of the victim and it demands the victim to visit the domain which can only be accessed via the TOR browser. The victim has 72 hours before their encryption key will be deleted from the hacker database.
The victim will receive the following message from the OphionLocker ransomware:
Your important files you have on this computer have been encrypted: photos, videos, document, etc.
In order to recover these files you have to go :
http://smu743glzfrxsqcl.tor2web.org/ and buy the key to decrypt all your files.
from now on you have 72 hours to pay or the key will be permanently deleted from our server and you won’t EVER get your files back. Please go to : http://smu743glzfrxsqcl.tor2web.org/ to see the procedure. You can find this text on your desktop and documents folders.
The OphionLocker places various text files on the computer which hold the message above. The F-Secure researchers did some researcher and they navigated to the malicious site.
You can view the screenshots below:
You can read the F-Secure research here.