Cryptolocker

virusIn September of 2013, the Cyptolocker virus is thought to have been posted online. Part of a new class of malicious software called ransomware, it would encrypt infected files and then demand a ransom from users for the decryption key. Spread through email attachments and also distributed by the Zeus botnet, it’s responsible for extorting an estimated $3 million from infected victims. After encrypting files using public RSA keys, it would display a message demanding payment via bitcoin or cash vouchers. In 2014, a joint police sting called Operation Tovar took down the Zeus botnet and recovered the database of private keys used by Cryptolocker. An online tool was later created to allow users to get their keys and decrypt files. Several other versions of this ransomeware came later using variations of the original “cryptolocker” name.

Comments are closed.