MALWARE: Lockergoga

Once installed, LockerGoga modifies the user accounts in the infected system by changing their passwords. It also tries to log off users logged in to the system. It would then relocate itself into a temp folder then rename itself using the command line (cmd). The command-line parameter used does not contain the file paths of the files targeted for encryption.


Incidents Caused by this Malware

  • May 18, 2019: Norsk Hydro Production lines stopped
  • March 12, 2019: Hexion/Momentive Global IT Outage
  • January 24, 2019: Altran Technologies IT Shutdown

Threat Actors Known to use this Malware

No threat actors identified

Pin It on Pinterest

Scroll to Top
Scroll to Top