Cryptolocker

CryptoLocker is a ransomware trojan horse that is spread via email. The .exe file for CryptoLocker arrives in a ZIP file attached to an email message contains an executable file with the filename and the icon disguised as a PDF, taking advantage of Windows' default behaviour of hiding the extension from file names to disguise the .exe file extension for the program. CryptoLocker's payload encrypts the victim's files using a method of encryption that is extremely hard to crack (RSA-2048), and refuses to unlock the files until the ransom of 500 units of currency ($500, €500, £500, etc.) is paid. However, people who have paid the ransom have not had their files decrypted yet. It gives about 72 hours for the ransom to be paid, and if this is not done, then the program deletes the decryption code (preventing any recovery of data). The virus was last updated the 20th of November 2013 and isn't as notorious as previous versions.

Aliases

 * Trojan.Ransomlock (Symantec)
 * Ransom.C (AVG)
 * Trojan-Ransom.Win32.PornoBlocker.cel (NictaTech Free Web Scanner)
 * Ransom.Worm.Cryptlocker.a (Kaspersky)

Videos