Call 24/7: +1 (800) 972-3282

8lock8 Ransomware: History & Protection

Bogdan Glushko

Bogdan Glushko

CEO at SalvageData Recovery, Bogdan Glushko has over 18 years of experience in high-security data recovery. Over the years, he's been able to help restore data after logical errors, physical failures, or even ransomware attacks, for individuals, businesses, and government agencies alike.

Socials:

Bogdan Glushko

Bogdan Glushko

CEO at SalvageData Recovery, Bogdan Glushko has over 18 years of experience in high-security data recovery. Over the years, he's been able to help restore data after logical errors, physical failures, or even ransomware attacks, for individuals, businesses, and government agencies alike.

Socials:

I think there's an issue with my storage device, but I'm not sure Start a free evaluation →

I need help getting my data back right now Call now (800) 972-3282

What is 8lock8?

It is a member of the 8lock8 Ransomware family and uses the same encryption algorithm as its predecessors. 8lock8 encrypts victims’ files using AES-256 encryption and demands a ransom for the decryption key. The 8lock8 leaves a ransom note named 8lock8-DECRYPT.txt on the victims’ desktops, with instructions on how to contact the attackers and pay the ransom.

History

8lock8 Ransomware was first discovered by malware researcher Michael Gillespie on May 8th, 2017. 8lock8 is a variant of the Locky Ransomware, which was first discovered in February 2016. 8lock8 uses the same encryption algorithm as the Locky, which is a variant of the RSA algorithm.

The 8lock8 is written in the Go programming language and compiles to a standalone executable. The 8lock8 is signed with a valid certificate, which allows it to bypass most AV software. 

How does 8lock8 work?

When 8lock8 is executed, it first checks if the computer is connected to the Internet. If it is, 8lock8 Ransomware will contact its C&C server and send information about the infected computer, including the IP address, OS version, username, and hostname. 8lock8 virus will then generate a unique encryption key and IV for each victim and encrypts the victims’ files using AES-256 encryption. 8lock8 Ransomware will append the “.locked” extension to the encrypted files. This Ransomware will also delete the shadow copies of the victims’ files and disable the Windows Restore function.

How to protect yourself from 8lock8 Ransomware?

The best way to protect yourself from 8lock8 is to have a reliable anti-malware solution installed on your computer and keep it up to date. You should also never open email attachments from unknown senders or click on links from untrustworthy websites.

How to remove 8lock8?

If attackers infected you with 8lock8, you can use a reliable anti-malware solution to remove it from your computer. You should also never attempt to remove 8lock8 Ransomware manually, as you could delete important system files and cause permanent damage to your computer.

How to recover 8lock8 Ransomware encrypted files?

The only way to decrypt 8lock8 encrypted files is with the private decryption key. The 8lock8 Ransomware attackers will only give you the decryption key if you pay the ransom. We do not recommend paying the ransom as there is no guarantee that the 8lock8 Ransomware attackers will give you the decryption key even if you pay. You should also never attempt to decrypt 8lock8 Ransomware encrypted files yourself, as you could permanently damage your computer.

Is there a public decryption tool?

At the moment, there is no working 8lock8 Ransomware decryption tool. However, researchers are constantly working on developing a decryption tool and we will update this article as soon as a working decryption tool is available.

Contact a data recovery service

If 8lock8 Ransomware has encrypted your files, you should not pay the ransom. Instead, you can contact a data recovery service like SalvageData. With 18 year history, a successful present, and a dedication to future success, SALVAGEDATA has earned the reputation as a trusted and respected data recovery service provider in the industry. We offer a free consultation to help you determine the best course of action for your situation. We have successfully recovered data from many 8lock8 Ransomware victims and can help you too. Click here to contact us.

 

Share

Related Services

Ransomware Recovery

We specialize in identifying and recovering data affected by ransomware attacks, ensuring rapid response and secure restoration of your systems when you need it most.

Backup

We help recover lost data from backup systems, ensuring that critical information is restored swiftly and securely to minimize operational downtime.

Data Recovery

We offer comprehensive data recovery solutions with a 97% success rate and a "no data, no charge" guarantee, ensuring secure and efficient recovery for all types of data loss scenarios.