New, improved DMA Locker ransomware patches decryption flaw

Researchers have spotted a new and improved version of the DMA Locker ransomware that fixed previous decryption woes.
Researchers have spotted a new and improved version of the DMA Locker ransomware that fixed previous decryption woes.

The creators of the DMA Locker ransomware released an updated version that now includes a patch to fix a flaw that left earlier iterations easily decryptable.

The ransomware's third version now includes an RSA key and key validation, a researcher called Hasherezade said in a Tuesday Malwarebytes blog post. “This time the key necessary to decrypt files must be supplied not as a text, but as RSA key file,” the researcher explained. 

“The author of this malware, despite appearing inexperienced in programming, seems to be very determined to gradually improve the quality of the product,” said Hasherezade wrote.

In addition to addressing the decryption flaw, coding in the previous versions was so shoddy that the malware would sometimes crash a computer before the victim received a ransom demand. It is unclear if that problem persists in the latest iteration of DMA Locker.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS