A new ransomware-as-a-service (RaaS) has been discovered by SenseCy and Michael Gillespie. Despite the innocent name, the Princess Locker ransomware will encrypt your data, then demand a ransom of 3 bitcoins, or approximately $1800 USD. Once the victim has been infected, the Princess Locker will start to encrypt the host computer’s files, and then append a random extension to files that are encrypted. A unique ID for the victim is now created, which is believed to be uploaded to the ransomware’s Command and Control (C&C) Server.
Two files named “!_HOW_TO_RESTORE_
When the counter on the page goes down to 0, the ransom price will double, going up to 6 bitcoins, or approximately $3600 USD.