TorrentLocker

{{Infobox malware

| common_name =

| image =

| caption =

| image2 =

| caption2 =

| technical_name =

| Aliases =

| Type = Ransomware

| subtype =

| classification = Trojan

| family =

| isolation_date =

| Origin =

| Author =

| Date =

| Location =

| Theme =

| Target =

| outcome =

| losses =

| suspect =

| convicted =

| sentence =

| version =

| OS = Microsoft Windows

| package =

| filename =

| filetype =

| filesize =

| exploit =

| ports_used =

| language =

| discontinuation_date =

| version1 =

| OS1 =

| package1 =

| filename1 =

| filetype1 =

| filesize1 =

| exploit1 =

| ports_used1 =

| language1 =

| discontinuation_date1 =

}}

TorrentLocker is a ransomware trojan targeting Microsoft Windows.{{cite web|url=http://www.bleepingcomputer.com/virus-removal/torrentlocker-cryptolocker-ransomware-information#TorrentLocker |title=TorrentLocker (fake CryptoLocker) Ransomware Information Guide|accessdate=4 December 2014}}{{cite web | url= http://www.pcworld.com/article/2985826/security/ransomware-pushers-up-their-game-against-small-businesses.html |title= Ransomware pushers up their game against small businesses |publisher=pcworld|accessdate=24 September 2015}} It was first observed in February 2014, with at least five of its major releases made available by December 2014.{{cite web | url= http://www.cxotoday.com/story/here-are-10-notorious-money-pilfering-malware/ |title= TorrentLocker - Most Notorious Money Pilfering Malware|accessdate= 2016-04-20 }} The malware encrypts the victim's files in a similar manner to CryptoLocker by implementing symmetric block cipher AES where the key is encrypted with an asymmetric cipher.{{cite web|url=http://www.kaspersky.com/internet-security-center/threats/torrentlocker-malware |title= Torrentlocker Malware-Overview |accessdate=17 May 2016}}

TorrentLocker scans the system for programs and files, and conceals the contents through AES encryption leaving ransom instructions to the victim on what has to be done, and how to pay the decryption ransom.{{cite web |url=http://www.welivesecurity.com/wp-content/uploads/2014/12/torrent_locker.pdf |title= How TorrentLocker Works to Encrypt the Victim File|accessdate=2 December 2014}} The operator demands from the victim an amount that usually starts around {{USD|550}} within 3 days. The victim is told to pay the amount in Bitcoins, and is sent a unique Bitcoin address that differs for each infected user.{{cite web|url=http://www.welivesecurity.com/2014/12/16/torrentlocker-racketeering-ransomware-disassembled-by-eset-experts/ |title=Torrentlocker Malware |date=16 December 2014 |accessdate=2016-05-17}}{{cite web | url= https://www.communications.gov.au/what-we-do/internet/stay-smart-online/alert-service/torrentlocker-ransomware-infects-thousands-computer-systems-Australia |title=TorrentLocker demands ransom through bitcoins |accessdate=2014-12-23 }}