{"id":2522,"date":"2021-04-23T22:37:06","date_gmt":"2021-04-24T03:37:06","guid":{"rendered":"https:\/\/truxgoservers.com\/blog\/?p=2522"},"modified":"2021-04-23T22:37:07","modified_gmt":"2021-04-24T03:37:07","slug":"mount-locker-is-an-aggresive-ransomware","status":"publish","type":"post","link":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/","title":{"rendered":"Mount Locker is an aggressive Ransomware"},"content":{"rendered":"\n<p>Mount Locker ransomware has shaken things up in recent campaigns with more sophisticated scripting and anti-prevention features, according to researchers. The change in tactics appears to coincide with a renaming of the malware to &#8220;AstroLocker.&#8221; According to investigators, Mount Locker has been a fast-moving threat.<\/p>\n\n\n\n<p>As we well know, ransomware not only locks files but also steals data and threatens to leak it if the ransom is not paid. Mount Locker does the same, in a double-extortion tactic. Its operators are also known for demanding multi-million dollar ransoms and stealing huge amounts of data.<\/p>\n\n\n\n<p>In terms of technical approach, Mount Locker uses legitimate off-the-shelf tools to move laterally, steal files, and deploy encryption. This includes AdFind and BloodHound for Active Directory and user reconnaissance; FTP for file exfiltration; and the Cobalt Strike pen-testing tool for lateral movement and for delivering and executing the encryption, potentially via PsExec.<\/p>\n\n\n\n<p>The Mount Locker group may want to rebrand to create a new, more professional image, or it could be an attempt to launch a true ransomware-as-a-service (RaaS) program. Regardless, any organization that becomes a victim of AstroLocker in the future should investigate both Mount Locker and AstroLocker TTPs.<\/p>\n\n\n\n<p>Experts agree that Mount Locker is increasing its capabilities and becoming a more dangerous threat. 
These scripts were not just general steps to disable a wide variety of tools, but were customized and targeted at the victim&#8217;s environment.<\/p>\n\n\n\n<p>Check also:<br><a href=\"https:\/\/truxgoservers.com\/blog\/purelocker-ransomware-that-encrypts-servers\/\">PureLocker Ransomware that encrypts servers<\/a><br><a href=\"https:\/\/truxgoservers.com\/blog\/cyborg-ransomware-distributed-through-email\/\">Cyborg Ransomware distributed through Email<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mount Locker ransomware has shaken things up in recent campaigns with more sophisticated scripting and anti-prevention features, according to researchers. And the change in tactic appears to coincide with a renaming of the malware to &#8220;AstroLocker.&#8221; According to investigators, Mount Locker has been a fast-moving threat. As we well know, ransomware not only locks files, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2523,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[36],"class_list":["post-2522","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Mount Locker is an aggresive Ransomware - Truxgo Server Blog<\/title>\n<meta name=\"description\" content=\"Mount Locker is a threat that arises among the many Ransomwares which we will see today and how this threat works........\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"es_MX\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta 
property=\"og:title\" content=\"Mount Locker is an aggresive Ransomware - Truxgo Server Blog\" \/>\n<meta property=\"og:description\" content=\"Mount Locker is a threat that arises among the many Ransomwares which we will see today and how this threat works........\" \/>\n<meta property=\"og:url\" content=\"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"Truxgo Server Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-24T03:37:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-24T03:37:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/04\/new-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"450\" \/>\n\t<meta property=\"og:image:height\" content=\"287\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Truxgo\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Truxgo\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minuto\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/\"},\"author\":{\"name\":\"Truxgo\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#\\\/schema\\\/person\\\/8b409c26449db6aa09724b45331e333e\"},\"headline\":\"Mount Locker is an aggresive 
Ransomware\",\"datePublished\":\"2021-04-24T03:37:06+00:00\",\"dateModified\":\"2021-04-24T03:37:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/\"},\"wordCount\":261,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/new-1.jpg\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/\",\"name\":\"Mount Locker is an aggresive Ransomware - Truxgo Server Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/new-1.jpg\",\"datePublished\":\"2021-04-24T03:37:06+00:00\",\"dateModified\":\"2021-04-24T03:37:07+00:00\",\"description\":\"Mount Locker is a threat that arises among the many Ransomwares which we will see today and how this threat 
works........\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/new-1.jpg\",\"contentUrl\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/new-1.jpg\",\"width\":450,\"height\":287},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/mount-locker-is-an-aggresive-ransomware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mount Locker is an aggresive Ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/\",\"name\":\"Truxgo Server Blog\",\"description\":\"Cloud Server and Hosting Tutorials.\",\"publisher\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#organization\",\"name\":\"Truxgo Server 
Blog\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/cropped-truxgo-logo-blanco.png\",\"contentUrl\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/cropped-truxgo-logo-blanco.png\",\"width\":1250,\"height\":278,\"caption\":\"Truxgo Server Blog\"},\"image\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#\\\/schema\\\/person\\\/8b409c26449db6aa09724b45331e333e\",\"name\":\"Truxgo\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g\",\"caption\":\"Truxgo\"},\"sameAs\":[\"https:\\\/\\\/truxgoservers.com\\\/blog\"],\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/author\\\/truxgo\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Mount Locker is an aggresive Ransomware - Truxgo Server Blog","description":"Mount Locker is a threat that arises among the many Ransomwares which we will see today and how this threat works........","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/","og_locale":"es_MX","og_type":"article","og_title":"Mount Locker is an aggresive Ransomware - Truxgo Server Blog","og_description":"Mount Locker is a threat that arises among the many Ransomwares which we will see today and how this threat works........","og_url":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/","og_site_name":"Truxgo Server Blog","article_published_time":"2021-04-24T03:37:06+00:00","article_modified_time":"2021-04-24T03:37:07+00:00","og_image":[{"width":450,"height":287,"url":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/04\/new-1.jpg","type":"image\/jpeg"}],"author":"Truxgo","twitter_card":"summary_large_image","twitter_misc":{"Escrito por":"Truxgo","Tiempo de lectura":"1 minuto"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/#article","isPartOf":{"@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/"},"author":{"name":"Truxgo","@id":"https:\/\/truxgoservers.com\/blog\/#\/schema\/person\/8b409c26449db6aa09724b45331e333e"},"headline":"Mount Locker is an aggresive 
Ransomware","datePublished":"2021-04-24T03:37:06+00:00","dateModified":"2021-04-24T03:37:07+00:00","mainEntityOfPage":{"@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/"},"wordCount":261,"commentCount":0,"publisher":{"@id":"https:\/\/truxgoservers.com\/blog\/#organization"},"image":{"@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/04\/new-1.jpg","keywords":["Cybersecurity"],"articleSection":["Cybersecurity"],"inLanguage":"es","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/","url":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/","name":"Mount Locker is an aggresive Ransomware - Truxgo Server Blog","isPartOf":{"@id":"https:\/\/truxgoservers.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/#primaryimage"},"image":{"@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/04\/new-1.jpg","datePublished":"2021-04-24T03:37:06+00:00","dateModified":"2021-04-24T03:37:07+00:00","description":"Mount Locker is a threat that arises among the many Ransomwares which we will see today and how this threat 
works........","breadcrumb":{"@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/#primaryimage","url":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/04\/new-1.jpg","contentUrl":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/04\/new-1.jpg","width":450,"height":287},{"@type":"BreadcrumbList","@id":"https:\/\/truxgoservers.com\/blog\/mount-locker-is-an-aggresive-ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/truxgoservers.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Mount Locker is an aggresive Ransomware"}]},{"@type":"WebSite","@id":"https:\/\/truxgoservers.com\/blog\/#website","url":"https:\/\/truxgoservers.com\/blog\/","name":"Truxgo Server Blog","description":"Cloud Server and Hosting Tutorials.","publisher":{"@id":"https:\/\/truxgoservers.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/truxgoservers.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/truxgoservers.com\/blog\/#organization","name":"Truxgo Server 
Blog","url":"https:\/\/truxgoservers.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/truxgoservers.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2020\/08\/cropped-truxgo-logo-blanco.png","contentUrl":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2020\/08\/cropped-truxgo-logo-blanco.png","width":1250,"height":278,"caption":"Truxgo Server Blog"},"image":{"@id":"https:\/\/truxgoservers.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/truxgoservers.com\/blog\/#\/schema\/person\/8b409c26449db6aa09724b45331e333e","name":"Truxgo","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g","caption":"Truxgo"},"sameAs":["https:\/\/truxgoservers.com\/blog"],"url":"https:\/\/truxgoservers.com\/blog\/author\/truxgo\/"}]}},"_links":{"self":[{"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/posts\/2522","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/comments?post=2522"}],"version-history":[{"count":2,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/posts\/2522\/revisions"}],"predecessor-version":[{"id":2529,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/posts\/2522\/revisions\/2529"}],"wp:featuredmedia":[{"embeddable":tr
ue,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/media\/2523"}],"wp:attachment":[{"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/media?parent=2522"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/categories?post=2522"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/tags?post=2522"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}