Introduction to Crypt0locker

Author: Lucas Fraser

Date: February 01, 2017

CryptoLocker is a ransomware Trojan horse virus that encrypts your files, holding them hostage until you pay the set amount for decryption software (usually in the high hundreds of dollars). It was first seen sometime in 2013, and many derivatives have been created since then. These all try to accomplish the same thing.

What does it do

CryptoLocker runs silently in the background of your computer, encrypting any files that are not critical system files so that you can no longer access them. It then alerts the user either via a pop-up or by leaving text files all over your computer explaining how to get them back.

Text-based CryptoLocker information

Window-based CryptoLocker information

All your files will have the file extension .enc or .encrypted added, and opening them in software will result in an error.

The software will usually leave instructions on how to access a link in the deep web, where they will ask for payment to return your files. This must be paid in untraceable Bitcoin and is a considerable amount of money. There are no guarantees that paying this will result in returned files, so your best bet is to leave it to the professionals.

What do I do

If you see any signs of CryptoLocker – TURN OFF YOUR COMPUTER IMMEDIATELY. CryptoLocker can spread via a network and encrypt files on other computers.

The sooner you can stop it from accessing your files, the better. Never plug a hard drive or flash drive into an infected system, as the files on those will be encrypted as well.

Our advice is to take the system to a professional computer repair business, like Ion Programming – you can find our details here. We can use specialised tools to first remove the virus and then try to recover any traces of unencrypted data. You may be lucky enough to have recoverable data.

Be aware that every time you use your computer after your files have been encrypted, your chances of having recoverable trace files greatly decrease.
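
The following script is an added example, not part of the original article and not Ion Programming's tooling. It inventories a copy of the affected drive (assumed to be mounted read-only on a clean machine) using the .enc and .encrypted extensions described above, reading file names only; the function names are hypothetical.

```python
import os
from collections import Counter

# Extensions the article says are appended to encrypted files.
APPENDED_EXTENSIONS = (".enc", ".encrypted")


def original_name(filename):
    """Return the name with the appended extension stripped, or None if the
    file does not carry one of the appended extensions."""
    lower = filename.lower()  # match .ENC / .Encrypted as well
    for ext in APPENDED_EXTENSIONS:
        if lower.endswith(ext) and len(filename) > len(ext):
            return filename[: -len(ext)]
    return None


def triage(root):
    """Walk root without opening any file and split paths into those that
    carry an appended extension and those that do not."""
    encrypted, untouched = [], []
    per_dir = Counter()
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            if original_name(name) is not None:
                encrypted.append(rel)
                per_dir[os.path.relpath(dirpath, root)] += 1
            else:
                untouched.append(rel)
    return {
        "encrypted": sorted(encrypted),
        "untouched": sorted(untouched),
        "per_dir": dict(per_dir),
    }


if __name__ == "__main__":
    import sys

    report = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"{len(report['encrypted'])} files carry an appended extension, "
          f"{len(report['untouched'])} do not")
    for directory, count in sorted(report["per_dir"].items()):
        print(f"  {count:5d} renamed files in {directory}")
    for path in report["untouched"]:
        print(f"  no appended extension: {path}")
```

Files listed as having no appended extension include any text files the malware left behind, so that list still needs a manual review.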