Antivirus security company MalwareHunterTeam announced in Twitter a new threat to the computers of millions of users. We are talking about the StalinLocker / StalinScreamer malware.
Named after the Soviet leader, the screen lock easily bypasses the built-in protection Windows 10, blocks system processes, displays a picture of Stalin, plays the USSR anthem (file USSR_Anthem.mp3) … and extorts money in the spirit of the wildest kind of capitalism.
If you do not enter the code within ten minutes, the malware starts deleting files from all PC drives in alphabetical order. Each subsequent reboot reduces the time required to enter the unlock code by three times.
The virus will start deleting files from the computer if the user does not have time to enter the code within 10 minutes
However, not everything is so bad. Judging by the program code extracted by MalwareHunterTeam experts, the virus is still in development, albeit at the final stage. Users have time to prepare. However, dealing with StalinLocker is not difficult.
First, Stalin's viral activity is easily detected by most popular antiviruses. Secondly, the malicious program completely self-destructs after the introduction of a code that can be easily calculated as the difference between the current date and the date of the foundation of the USSR, 1922.12.30.
Experts advise users not to panic and the first step is to update the anti-virus databases or install the latest version of one of the popular antiviruses if, for some reason, there is still no reliable protection on the computer.
Do not console yourself with the thought that coping with StalinLocker / StalinScreamer is quite simple – there are no guarantees that attackers will not post more 'advanced' modifications of the malicious program to the network. Therefore, do not forget about the timely updating of antivirus software.
If the infection of a computer with Windows 10 did occur, in no case pay cybercriminals! Try to enter the code using the algorithm described above. If you come across a more 'tricky' modification of the blocker and the code does not work, it is better to immediately turn off your PC and seek help from specialists.