New, improved DMA Locker ransomware patches decryption flaw
Researchers have spotted a new and improved version of the DMA Locker ransomware that fixed previous decryption woes.
The creators of the DMA Locker ransomware released an updated version that now includes a patch to fix a flaw that left earlier iterations easily decryptable.
The ransomware's third version now includes an RSA key and key validation, a researcher called Hasherezade said in a Tuesday Malwarebytes blog post. “This time the key necessary to decrypt files must be supplied not as a text, but as RSA key file,” the researcher explained.
“The author of this malware, despite appearing inexperienced in programming, seems to be very determined to gradually improve the quality of the product,” said Hasherezade wrote.
In addition to addressing the decryption flaw, coding in the previous versions was so shoddy that the malware would sometimes crash a computer before the victim received a ransom demand. It is unclear if that problem persists in the latest iteration of DMA Locker.