AttackIQ has released a new attack graph that emulates the behaviors of LokiLocker ransomware, a .NET based strain active since at least mid-August 2021. The malware combines defense evasion and impact techniques, including disabling Task Manager and Windows Firewall, as well as deleting Volume Shadow Copies to hinder detection and prevent restoration.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/02/emulating-the-systematic-lokilocker-ransomware/
