
Trend Micro Discovers CTB-Locker Ransomware in Fresh Version

Researchers at security company Trend Micro have detected a new version of the CTB-Locker ransomware, also known as Critroni, the company said.

Apparently, the criminals running CTB-Locker are being both generous and greedy: they give infected victims more time to pay the ransom and let them unlock a few files without paying anything extra. At the same time, the ransom amount has been raised considerably.

Trend Micro explains that the malware is spread via spam emails, a few of them distributed through the infamous Cutwail botnet. The spam email carries an attachment containing a downloader dubbed TROJ_CRYPCTB.SMD.

When this downloader is run, it pulls down TROJ_CRYPCTB.SME (the ransomware itself) from one of many URLs.

After infecting the system, the ransomware locks important files and then displays a ransom demand, which the victim is directed to pay in Bitcoin through the anonymous Tor network.

Notably, earlier versions of CTB-Locker gave end-users just 72 hours to pay the ransom; the current variant gives 96 hours. What's more, victims can now unlock 5 of the encrypted files without paying anything extra.

This free unlocking of files is apparently a way of persuading victims to pay the ransom, by making it appear that the remaining locked files really could be restored once payment is made.

Another distinct feature of the new version is its support for languages other than English for communication over e-mail. So far, 3 additional languages have been detected: Dutch, German and Italian.

To stay protected, the first step is to check whether an incoming message is spam by examining the sender's e-mail address, the subject line and, importantly, the e-mail content, to see whether any of the three looks suspicious.

And though the 'free unlocking' lure may be tempting enough to get the victim to pay the ransom, there is little assurance that the criminals would really unlock all the files and return everything to normal.

Accordingly, end-users must remember to back up their data regularly, advises Trend Micro.

» SPAMfighter News - 2/3/2015
