Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

New Ransomware ‘Crypt0L0cker’ Leads to Unwanted Chaos

Softpedia.com published news on 29th April, 2015 quoting a warning of experts as "a new ransomware with capabilities to encrypt file which is nicknamed as Crypt0L0cker (the alphabet "o" being replaced by a zero) by its writers, has been recently identified to target machines only in Europe, Asia along with Australia."

The malware threat has restriction geographically which stops it from getting installed on machines in the US.

Researchers say that it is not a variant of notorious CryptoLocker whose operation was disturbed in 2014 by Operation Tovar but looking at several similarities discovered (uses the same website for Bitcoin purchasing directions and the same communiqué method), it looks like a variant of TorrentLocker.

The malware reaches the computer of the recipient through fake emails which purport to notify the recipient about traffic violations or different kind of government's notification.

The moment Crypt0L0cker is installed it starts communication with the C&C server, sending a unique identifier about the compromised system and the campaign.

After this, the ransomware begins encrypting maximum of the files on the machine leaving only a group of them that are defined in a hardcoded catalog.

Once the encryption is completed it will make a file in every folder on your computer with a note and instructions to recover the encrypted files and will organize itself to boot whenever the Windows start with the ransomware note. It does this by adding a system.pif file to your Startup folder and an Autorun to the windows Registry.

The ransom notes of Crypt0L0cker created in each folder contain personal links to the Buy Decryption site through which you can have instructions on how to make a payment. It provides the links containing your personal ID and password so that you can have access to your own information only.

Ransomware infections like Crypt0L0cker amongst others have become the main reason for maintaining backups of your stored data on regular basis. It should be noted that paying ransom amount not only supports the cybercriminals malicious business model but to top it there is no guarantee of your files getting decrypted. Therefore, be careful while opening any unsolicited emails, experts conclude.

» SPAMfighter News - 5/6/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next