FrozrLock

FrozrLock targets Windows OS and has surfaced on the Dark Web on a Ransomware-as-a-Service (RaaS) platform, sold for approximately $220 worth of Bitcoin and advertised by the developer as a "great security tool that encrypts most of your files in several minutes." FrozrLock is written in C#, supports .NET Framework versions newer than 4.5, deletes its own loader and executable, and can encrypt files using Twofish256, AES-256, and RSA-4096. FrozrLock does not append any extensions to the names of encrypted files. Initially, it was detected in Russia and was spreading via JavaScript downloaders named Contract_432732593256.js.

  • Bleeping Computer provides more information about FrozrLock RaaS here.
  • The NJCCIC is not currently aware of any free decryption tool available for FrozrLock RaaS.

 

Image Source: Bleeping Computer