Threat Management, Malware, Threat Management

New, improved DMA Locker ransomware patches decryption flaw

The creators of the DMA Locker ransomware released an updated version that now includes a patch to fix a flaw that left earlier iterations easily decryptable.

The ransomware's third version now includes an RSA key and key validation, a researcher called Hasherezade said in a Tuesday Malwarebytes blog post. “This time the key necessary to decrypt files must be supplied not as a text, but as RSA key file,” the researcher explained. 

“The author of this malware, despite appearing inexperienced in programming, seems to be very determined to gradually improve the quality of the product,” said Hasherezade wrote.

In addition to addressing the decryption flaw, coding in the previous versions was so shoddy that the malware would sometimes crash a computer before the victim received a ransom demand. It is unclear if that problem persists in the latest iteration of DMA Locker.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.