Torrentlocker is the most recent ransomware infection that closely resembles two other well-known ransomware infections – CryptoWall and CrytpoLocker. Unfortunately, Torrentlocker ransomware is based on a completely authentic code, and that makes it very dangerous. At a given moment, malware experts revealed that mostly Australian users are affected by this malicious piece of software. Users outside Australia should not feel all that safe because it is more than likely that this invasive ransomware will spread to other continents pretty soon. If you are a security conscious user, you should know that system back up and a trustworthy antimalware tool are paramount in order to avoid the disastrous consequences that Torrentlocker ransomware could cause.
Torrentlocker ransomware encrypts various types of files just like its counterparts. It encrypts almost 100 different types of files, including .pxt, .doc, .txt, .jpg, .abd, .cmt, .ndd, and many others. After encryption is successfully finished, you will be displayed a warning message telling that your files are locked, and you will have to pay a certain amount of money to unlock them. At the moment, the fee is presented in Australian dollars. The ransom is about 0.8 BTC or roughly 500 AUD. The transaction can only be made via Bitcoin system as it provides total anonymity. The warning message also indicates the number of encrypted files in order to urge users to pay up.
What makes Torrentlocker ransomware different from its counterparts is that before it starts encrypting files on your PC it connects to a command-and-control (C&C) server to download the certificate and configuration files. The encryption only starts after the download. Moreover, the files can only be encrypted when there is an active Internet connection. If you found that Torrentlocker ransomware is present on your system before seeing the warning message, we strongly advise you to disconnect your machine from the Internet as it will reduce the number of encrypted files significantly.
Besides that Torrentlocker ransomware uses a different algorithm to encrypt files compared to CryptoWall or Cryptolocker. The Torrentlocker ransomware uses the Rijndael algorithm and the other two uses the RSA-2048.
The infection and some details about the encryption process are stored within the Windows registry system. Unfortunately, these registry entries will not be of any help in retrieving your files. But you should still delete them without hesitation.
The only way to restore your data is to obtain a unique password. It is advised not to pay the ransom as you might just be tricked by the cyber crooks. Removal of Torrentlocker ransomware is a must if you wish to secure your system from any other detrimental infections. Use a powerful antimalware tool for removal and overall security of your system.