|  Source: 


Industry: N/A | Level: Tactical | Source: Blackberry

LokiLocker is a new ransomware operation that has been slowly making itself known. Blackberry’s Research and Intelligence Team said it was first seen in the wild Mid-August 2021. LokiLocker is a ransomware-as-a-service (RaaS) and shares some similarities to LockBit, but doesn’t seem to be a direct descendant. Blackberry researchers estimate that LokiLocker currently has around 30 affiliates. LokiLocker also boasts an optional wiper functionality – if the victim doesn’t pay up in the timeframe specified by the attacker, all non-system files will be deleted and the MBR overwritten, wiping all the victim’s files and rendering the system unusable.

  • Anvilogic Use Cases:
  • Windows Firewall Diasabled
  • Windows Defender Disabled Detection
  • Create/Modify Schtasks
  • New AutoRun Registry Key
  • Service Stop Commands

Get trending threats published weekly by the Anvilogic team.

Sign Up Now