What is the Blind Eye Locker Ransomware?
While examining new malware submissions to online threat databases, our research team discovered Blind Eye Locker, a ransomware program.
When tested, it turned out that Blind Eye Locker encrypted files and changed their names. During the encryption process, it showed a false Windows system update.
The files affected were renamed with a string of random characters, for instance, "1.jpg" became "Mi5wbmc=" and "2.png" became "NS5wcHR4". Subsequently, Blind Eye Locker generated a message called "README_[random_digit].txt" and deposited it on the desktop.
This note informed victims that their files were encrypted and that only the attackers could decrypt the data. Supposedly, the attackers would provide free data recovery, and the victims had to reach out to them. The ransomware does not seem to belong to any particular bigger family of ransomware variants.
Blind Eye Locker Uses Discord for Contact
The ransom note of the Blind eye Locker ransomware asks victims to contact the ransomware author through Discord - a very unusual and generally very insecure means of contact for a criminal, which might mean the author is very inexperienced. The full text of the ransom note reads as follows:
Blind Eye Locker
All of your files have been encrypted
Your computer was infected with a hornet ransomware . Your files have been encrypted and you won't
be able to decrypt them without our help.What can I do to get my files back?You can contact creator of this locker and decrypt your files for free , remove the
locker from your computer.decryption is frre so dont stress and concats us.Rember! you can only conctact creator by discord
Concact : Pomegranate(Tnipples)#4085
Your personal Id:
How Can Ransomware like Blind Eye Locker Infect Your Home Computer?
Blind Eye Locker, like other ransomware programs, can infect your home computer through various methods. One of the most common ways is through phishing emails, where attackers send you an email with a malicious attachment or link. When you open the attachment or click on the link, the ransomware program is downloaded and installed on your computer.
Another way that ransomware can infect your computer is through malicious websites or ads. These websites or ads can trick you into downloading and installing the ransomware program by offering fake software updates or other bogus services.
Additionally, ransomware can be spread through the use of infected external storage devices such as USB drives, which can transfer the malware to your computer when connected.
It is also important to note that outdated software and operating systems can also make your computer vulnerable to ransomware attacks. Attackers can exploit vulnerabilities in outdated software to install and execute the ransomware program.
To protect your computer from ransomware attacks, it is recommended to keep your software and operating system up-to-date, avoid opening suspicious emails and attachments, use anti-virus and anti-malware software, and regularly back up your important files.