New Ransomware Goes After Your TurboTax Files and Publishes Victims Files on Public Extortion Site

A new ransomware was reported by BleepingComputer named Mount Locker. The ransomware was analyzed by Advanced Intel’s Vitali Kremez. This one goes after your TurboTax .ta* files for specific years. Mount Locker also has a data leak site like many other ransomware gangs. The cybercriminals threaten to publish your tax data if you don’t pay up. If you’re a TurboTax user make sure you back up all your Turbotax data to external detached flash media.

“When encrypting a computer, Mount Locker only encrypts files that have certain file extensions. With the latest version, the ransomware developers are now targeting the .tax , .tax2009 , .tax2013 , and .tax2014 file extensions associated with the TurboTax tax preparation software.”

More here.

Featured Webinars

Advanced Phishing and

Monday 1:30 PM – 2:30 PM
» Learn More
Outlook Phish Alert Button
Tuesday 1:30 PM – 2:30 PM
» Learn More
Customizing Phishing Templates, Landing Pages, & Training Notifications
Wednesday 1:30 PM – 2:30 PM
» Learn More
Active Directory Integration
(ADI) Setup

Thursday 1:30 PM – 2:30 PM
» Learn More

Friday 1:30 PM – 2:30 PM
» Learn More

Privacy Policy | Terms of Service