A victim then gets the message to pay a certain amount of money to decrypt the files. This two-key system encrypts the files with a public key, while a cybercriminal has the private decryption key. Once activated, Cryptolocker performs similarly to other types of ransomware - it scans your system for valuable files and then encrypts them by using asymmetric encryption. Users usually contracted it by opening seemingly innocent email attachments. Cybercriminals spread this malware via phishing emails and by using the existing Gameover ZeuS botnet. It utilized a trojan to intercept Windows devices. How does Cryptolocker work?Ĭryptolocker belongs to the ransomware family of viruses. New ransomware forms have emerged that rely more on targeted attacks rather than a wide distribution model. However, even though Cryptolocker is no longer a threat, ransomware attacks have been prevalent in the last few years and caused great damage.
During this operation, a security company obtained the Cryptolocker keys database and developed an online tool that helped to decrypt the files without victims having to pay the ransom.
This piece of malware was successfully taken down via Operation Tovar. It successfully extorted around $3B dollars. History of CryptolockerĬryptolocker was especially prevalent between September 2013 and May 2014. Cryptolocker is a type of malware that encrypts files on your device and network and holds them for ransom.
0 kommentar(er)
