![]() ![]() The virus infiltrates the target PC’s system, encrypts the files, and displays a ransom note.ĬryptoLocker versions uses RSA public-key cryptography to lock the following types of files on the victim’s PC:ģfr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx. The malware uses seemingly harmless email messages as a medium: these messages contain malicious attachments that carry the ransomware. Many other versions of the virus have emerged since then, but they are unrelated to the original one. The security company gained access to the database used by hackers to store all decryption keys, allowing users to recover their data. ![]() The computer shows ransomware notes in a “CryptoLocker” program which informs the victims they have 72 hours to recover their files.ĬryptoLocker virus terminated on June 2, 2014, when Operation Tovar blocked the Gameover Zeus botnet. CryptoLocker is a ransomware that has been active since September 2013.Īs soon as the data is encrypted, the hackers demand a ransom to recover the decrypter for the unusable files.
0 Comments
Leave a Reply. |