From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

TorrentLocker is a ransomware trojan targeting Microsoft Windows.[1][2] It was first observed in February 2014, with at least five of its major releases made available by December 2014.[3] The malware encrypts the victim's files in a similar manner to CryptoLocker by implementing symmetric block cipher AES where the key is encrypted with an asymmetric cipher.[4]

TorrentLocker scans the system for programs and files, and conceals the contents through AES encryption leaving ransom instructions to the victim on what has to be done, and how to pay the decryption ransom.[5] The operator demands from the victim an amount that usually starts around US$550 within 3 days. The victim is told to pay the amount in Bitcoins, and is sent a unique Bitcoin address that differs for each infected user.[6][7]

See also[edit]


  1. ^ "TorrentLocker (fake CryptoLocker) Ransomware Information Guide". Retrieved 4 December 2014.
  2. ^ "Ransomware pushers up their game against small businesses". pcworld. Retrieved 24 September 2015.
  3. ^ "TorrentLocker - Most Notorious Money Pilfering Malware". Retrieved 2016-04-20.
  4. ^ "Torrentlocker Malware-Overview". Retrieved 17 May 2016.
  5. ^ "How TorrentLocker Works to Encrypt the Victim File" (pdf). Retrieved 2 December 2014.
  6. ^ "Torrentlocker Malware". Retrieved 2016-05-17.
  7. ^ "TorrentLocker demands ransom through bitcoins". Retrieved 2014-12-23.