TorrentLocker is a ransomware trojan targeting Microsoft Windows.[1] [2] It was first observed in February 2014, with at least five of its major releases made available by December 2014.[3] The malware encrypts the victim's files in a similar manner to CryptoLocker by implementing symmetric block cipher AES where the key is encrypted with an asymmetric cipher.[4]
TorrentLocker scans the system for programs and files, and conceals the contents through AES encryption leaving ransom instructions to the victim on what has to be done, and how to pay the decryption ransom.[5] The operator demands from the victim an amount that usually starts around within 3 days. The victim is told to pay the amount in Bitcoins, and is sent a unique Bitcoin address that differs for each infected user.[6] [7]