CTB-Locker Attacks in Europe and America New CryptoLocker ransomware

ESET's investigations reveal details of the criminal campaign CTB-Locker.

DecryptCryptoLocker CTB-Locker

Her researchers ESET have identified a new type of cyber attack that spreads across Europe and Latin America. The reason is a variation of the family ransomware known as CTB-Locker.

Below is information about the threat CTB-Locker as set out in the notice sent by the Commission ESET:

The CTB-Locker encrypts user files like this CryptoLocker, asking ransom in Bitcoin. According to ESET's research, the campaign has just begun. More information about CTB-Locker is available on ESET's information page WeLiveSecurity.com.

Early on Tuesday, 20 / 1 / 2015, ESET Researchers in Latin America identified repeatedly its action CTB-Locker, a filecoder detected by ESET telemetry as Win32 / FileCoder.DA.

The infection starts when the victim receives an e-mail with the subject "fax", with a copy-like attachment.

The embedded file is infected with Win32 / TrojanDownloader.Elenoocka.A - a trojan downloader trying to connect to the Internet to download and other malware - in this case Win32 / FileCoder.DA, also known as CTB-Locker. If executed on the victim's device, CTB-Löcker encrypts specific files on the device, locks the screen and a message for ransack.

ESET researchers also identified a similarity between CTB-Locker and CryptoLocker: "Both have a similar encryption pattern for victim files and differ only in the use of the encryption algorithm," notes Pablo Ramos, ESET Head of Research at Latin America. Also, as with CryptoLocker, the victim is asked to pay ransom to Bitcoin - about 8 Bitcoin (estimated value at about $ 1.680).

The best way to protect is the well-known triptych of security - backup files, update the software, and protect the device.

"The results of CTB-Locker's attack on a company or user who does not have a backup solution can be a real headache. In reports, we've seen companies pay thousands of dollars to retrieve their data, "concludes Ramos.

gr.pcmag.com

Registration in iGuRu.gr via Email

Enter your email to subscribe to the email notification service for new posts.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news