Ransomware
MountLocker
First seen: 2020-07 • Status: inactive
Currently Inactive
MountLocker kept changing names but eventually went quiet. Its hackers moved to other ransomware groups.
Overview
MountLocker was a RaaS that rebranded multiple times. Affiliates moved to other operations after it went quiet.
Also Known As
AstroLocker, XingLocker
How It Spreads
- • RDP exploitation
- • Initial access brokers
What It Does
- • File encryption
- • Data theft
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Watch for rebrand indicators
MITRE ATT&CK Techniques
T1486, T1567
If You're Infected
- 1.
Standard ransomware response
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required