Threat Landscape Dashboard

Assessing today's threats and the relationships between them

ProLock - Ransomware

The ProLock ransomware family appeared on the threat landscape in early 2020 and continues to evolve. The malware gains access to networks through weak/unprotected RDP servers or the QakBot trojan distributed through phishing campaigns with malicious attachments or links. PowerShell is used to load the payload in memory which is extracted from a BMP, CSV or JPG file. The ransom note reports if the funds are not paid the stolen files will be published to social networks and public media.
Name Modified Date Sources
ProLock - Ransomware 2020-09-15