An advert posted online seeking aid in the development in a new and cheap ransomeware kit caused worry among security firms and companies this week, but researchers have yet to see any hard evidence of its existence.
Security researchers at MalwareMustDie posted a blog entry featuring a screenshot of the post on an underground forum. The post immediately caused connections to be made with CryptoLocker.
Concerning
Researchers at security tools firm AlienVault and web and email security firm AppRiver both downplayed the threat posed by PrisonLocker, which has yet to result in any real world threat and, perhaps, never will.
Jaime Blasco, director at AlienVault Labs, told The Register: "Based on the research I did on this and checking my sources, most of PowerLocker/PrisonLocker is hype since the only information available is a person that is supposedly developing this new ransomware – but it is not still ready."
Troy Gill, a security analyst at AppRiver, added: "I don't think that this kit has been put into use yet, however it is quite concerning, since we have seen how widespread kits have become for cybercriminals."
"Of course just like CryptoLocker, the best way to protect your data is a cold back-up. As long as offline backups are made regularly, the damage inflicted by this malware will be minimal."
Cryptolocker already infects around 250,000 computers in the UK