Mount Locker Ransomware Aggressively Changes Up Tactics

Mount Locker Ransomware
Share It On:

24th April 2021, Kathmandu

Mount Locker group first announced their ransomware-as-a-service offering in the second half of 2020, and attacks attributed to the variant have been on the rise since. In early November 2020, an update was released broadening the types of files targeted and improving the ransomware’s ability to evade security measures. It also appears that Mount Locker may be transitioning to Astro Locker, as the verbiage and victims listed on both variants’ shaming sites share significant overlap. While it’s not too uncommon for malware to change names, this change is paired with an aggressive shift in Mount Locker’s tactics.

Traditionally, Mount Locker ransomware is known for using public tools to move laterally, steal files, and deploy encryption. Attackers deploying Mount Locker use its capabilities for double extortion of victims. Initial access vectors vary, but once a foothold is gained common tactics include the use of AdFind and Bloodhound for Active Directory and user reconnaissance, FTP for file exfiltration, and CobaltStrike for lateral movement and the delivery and execution of encryption, potentially through psExec. Critical data is staged and exfiltrated to be used as further collateral in extorting ransoms, with threats to release the data if the ransom is not paid.


Share It On:

Recent Posts

Transforming Rural Education in Nepal: Huawei’s Smart Classroom Project

Transforming Rural Education in Nepal: Huawei’s Smart Classroom Project

Share It On:22nd January 2025, Kathmandu In a significant step toward bridging the digital divide, Huawei has completed the Smart

Empowering Nepali Entrepreneurs: eSewa and SDC Launch New Insurance Solutions

Empowering Nepali Entrepreneurs: eSewa and SDC Launch New Insurance Solutions

Share It On:22nd January 2024, Kathmandu eSewa, Nepal’s leading digital payment platform, has announced a strategic partnership with the Swiss

Nepal’s IT Ordinance 2025: A Milestone with Challenges Ahead

Nepal’s IT Ordinance 2025: A Milestone with Challenges Ahead

Share It On:22nd January 2024, Kathmandu Green Light for Nepal’s IT Sector: Government Delivers, But Are We Ready to Execute?”

ICFC Finance 9% Debenture Issue 2088: 7-Year Maturity, Apply Now via ASBA & Mero Share

ICFC Finance 9% Debenture Issue 2088: 7-Year Maturity, Apply Now

Share It On:22nd January 2025, Kathmandu ICFC Finance Limited has opened its new debenture issuance today, January 22, 2025 (Magh

  • by Mina Aryal
  • January 22, 2025
Nepal SBI Bank Prioritizes Cybersecurity With Leadership Training

Nepal SBI Bank Prioritizes Cybersecurity With Leadership Training

Share It On:22nd January 2025, Kathmandu Cybersecurity Awareness session for the Board of Directors and Senior Management of Nepal SBI

Nepal Finance Reports Q2 Profit Surge: Expanded Loan Portfolio & Improved Financial Performance

Nepal Finance Reports Q2 Profit Surge: Expanded Loan Portfolio &

Share It On:22nd January 2025, Kathmandu Nepal Finance Limited has seen a dramatic rise in its profits and reserves, driven

  • by Mina Aryal
  • January 22, 2025