How does it spread?
CTB Locker is delivered through aggressive spam campaigns. The e-mail message pretends to be related to a fax message that needs your immediate attention. When the e-mail is opened, the potential victim is asked to download and open an attached ZIP file.
If the ZIP file is opened, the data on the system is encrypted and the victim is asked for a ransom in order to receive the decryption key.
How does it work?
Without going into too much technical detail, these are the main steps of the infection phase:
- As described above, the infection starts with an e-mail received by the victim, carrying an attached ZIP file.
- When the ZIP file is opened, a downloader is placed on the system.
- The downloader works through a list of domains controlled by the hackers, from which it can download CTB Locker.
- One of the compromised domains responds, and CTB Locker is installed on the system.
- The ransomware encrypts the system data with “Elliptical Curve Encryption”.
- A warning is shown on the screen with instructions on how to pay for the decryption key using the bitcoin system.
The best solution is to pay attention to incoming e-mails and never download an unknown attachment.
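A mail-gateway check for the delivery step described above, as an added example that is not part of the original article: it opens ZIP attachments and flags members with directly executable extensions. The extension list, the function names and the sample message are assumptions constructed for illustration; the article does not say what the ZIP contains.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: extensions treated as directly runnable on Windows.
RISKY_EXT = (".exe", ".scr", ".com", ".pif", ".js", ".jse",
             ".vbs", ".wsf", ".cpl", ".bat", ".cmd", ".lnk")

def risky_zip_members(raw_email: bytes) -> list:
    """Return (attachment name, member name) for risky files inside ZIP attachments."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        # Trust the bytes, not the attachment name: look for ZIP structure.
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    # Windows ignores trailing dots/spaces, so strip them first.
                    member = info.filename.rstrip(". ").lower()
                    if member.endswith(RISKY_EXT):
                        hits.append((name, info.filename))
        except zipfile.BadZipFile:
            hits.append((name, "<unreadable archive>"))
    return hits

def build_sample(member_name: str) -> bytes:
    """Constructed test message: a 'fax' notice with one ZIP attachment."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"constructed placeholder bytes, not malware")
    msg = EmailMessage()
    msg["Subject"] = "Incoming fax (constructed sample)"
    msg["From"] = "fax@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("You have received a new fax. See attachment.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="fax_message.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(risky_zip_members(build_sample("fax_0001.pdf.scr")))  # flagged
    print(risky_zip_members(build_sample("fax_0001.pdf")))      # clean
```

A gateway would quarantine any message for which the function returns a non-empty list; password-protected or nested archives need separate handling.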
CTB-Locker is yet another virus that demands ransom money from the victim. Hackers have innovated just as computers and gadgets have, and they have found a way to make money through viruses. CTB-Locker gets into the computer when a careless user clicks on suspicious ads and malicious websites that pop up. As easy as pie, the CTB-Locker ransomware will immediately lock the computer screen and block the user from using the computer entirely.
CTB-Locker will then show a message that says “Your computer was automatically blocked”. CTB-Locker even uses big names such as the National Security Bureau to make things more believable, but the truth is, the National Security Bureau isn’t even an agency of the United States! The threat level of CTB-Locker is 1 out of 5, but it should never be taken lightly, because it is still a virus.
Also keep a cloud backup: register now for $2.65 and put your mind at ease.