CTB Locker: The new virus in town
Antivirus software such as McAfee and Symantec have recently been baffled by the new virus that is hitting the computers.
With spam campaigns that would require you to pay through bitcoin, this ransomware is a new sight for a lot of computer-users who are easily fooled by the convincing appearance of the malware, going by the name of “Curve Tor Bitcoin Locker.”
However, to make innocent victims aware of the new malware, McAfee has published their advisory which gives a step by step description and analysis of the virus which specifically target .jpg image files and encrypts them while the user is asked for payment in order to get back the files.
Better to be safe than sorry, all computer-users must know that the virus doesn’t take long to take its actions on your computer.
The moment it is installed, CTB-Locker starts creating encrypted files with the code that is stored into the “svchost.exe” file.
While encrypting the weakened files through elliptical curve encryption, which can be related to RSA encryption with a 3,072-bit key, you will get to know about your encrypted files the moment they are done doing it, with a pop-up message.
To make things worse, you will be given a 96-hour deadline by which your lack of ransom might lead you to lose the encrypted files permanently while they destroy the decryption code.
And if you do want to pay the ransom, you will be given full information about the payment methods for the decryption code while the clock ticks.
Even though you are taking full precaution, it might not be enough as the virus hits in many other names such as BackDoor-FCKQ, Downloader-FAMV and Injector-FMZ, the names by which you will be saved from through McAfee.
Symantec, however, will protect your computer through the final hit named Trojan.Cryptolocker.E.
Not only does this virus protect itself with different names but also creates many zipped files around it so that it takes a lot of work for the actual downloader of the CTB-Locker to be found.
With the downloader names such as payloads.zip, incurably.zip, though it might be hard for you to detect it, McAfee and Symantec has come up with various ways to make sure it doesn’t harm your files and leave them to be permanently encrypted.
You can visit the Symantec blog CTB-Locker pop-up or McAfee’s advice for how to avoid the threat and do try to maintain keeping backups because you never know when your computer gets stabbed in the back.