Incident Response, TDR

Experts discover TorLocker variant targeting Japanese speakers

Researchers at Symantec have discovered a variant of the TorLocker ransomware that's aimed at Japanese-speaking users.

While Japan has been a popular ransomware target for attackers, coming in as the second most attacked country by ransomware in November following the U.S., this marks the first ransomware variant that specifically targets Japanese speakers, according to a recent blog post.

Users can become infected by the variant by visiting compromised websites – many of which are popular sites that host blogs – or if an attacker targets vulnerabilities in software hosted on the victim's machine with a rented exploit kit, like Rig, which was observed to be used in attacks leveraging this variant.

Like many other ransomware threats, once files are encrypted and compromised, attackers are asking ransom fees. This particular variant demands fees that range from $500 to $3600. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.