• No events
AEC v1.0.4

Cyber Security Info

CryptoLocker ransomware is spreading rapidly

November 20, 2013

Share Button

The CryptoLocker malware emerged in September 2013. Unlike the previous malware types (such as Reveton) Cryptolocker is much more dangerous. This cryptovirus spreads via infected e-mail attachments (typically as false .pdf file). After infection it contacts control server and requests a public key than used to encrypt files of certain types on the drive of the computer. Cryptolocker encrypts also any connected external or network drives and deletes backups created by System Restore tool in Windows. After encryption is complete, the malware displays message urging the user to pay 300 USD or 2 bitcoin ransom to obtain the private key and encrypt the files in a time-frame of 72 or 100 hours. Later encryption is also available although for a significantly larger amount (10 BTC). Cryptolocker spreads mostly in English speaking countries (with 79% of infections in the USA). Bitdefender says that at the end of October it spread by more than 10000 infections a week. It could be presumed that current rate is even higher. Symantec believes that around 3% of users decide to pay the ransom.


Useful information about CryptoLocker and how to avoid infection may be found here.

Share Button