Mount Locker

Threat Actor

Starting around the end of July 2020, Mount Locker began breaching corporate networks. Mount Locker uses ChaCha20 to encrypt the files and an embedded RSA-2048 public key to encrypt the encryption key.

Malware Used by this Threat Actor

No malware identified for this threat actor.