Unlike other computer malwares and Trojans which performs unusual type of activities on the victim machine, such as stealing private data, gaining access to personal information, garbling files, or to advertise political or humorous messages on the user’s screen; CryptoLocker uses entirely offbeat strategy to destroy your data and which makes your data recovery impossible.
So, what exactly is CryptoLocker and how does it works?
First reported in September 2013, a CryptoLocker is a ransomware trojan that expertly targets Windows based PC (including latest version of Windows 8), and annihilate stored data beyond the proficiency of any data recovery process.
In case if you don’t know, “Ransomware is a kind of malware which limits your access to your own computer, or your certain files, and asks some sort of ransom to be paid in order to unlock your PC.”
What it really does is that, it securely encrypts the data including documents, photos and videos in the victim’s machine using RSA-2048 security algorithms which is almost un-breakable.
Once the encryption is done, it uncovers itself, demanding the infected user to pay the ransom in order to gain their sensitive data back. It also forewarns the user to not try to get rid of the CryptoLocker program as it will enduringly obliterate their personal data by razing the secret-key from the server.
Considering that CryptoLocker employs RSA for data encryption, It merits mentioning here that RSA uses public-key cryptography, which means that user’s data is encrypted using the single public-key and for each unique public-key, there is a private-key; the encrypted data could only be recovered when the private-key is provided to the CryptoLocker program.
This private-key is only available on the CryptoLocker secret server on the Internet which will be provided to the sufferer if he pays the demanding amount in a given time frame, if a user fall short to pay the requested amount in the defined time, his private-key will be exterminated on the server and there will be no way left to restore his data again.
While on the other hand, paying the required fee doesn’t guarantee that your infected data will be decrypted and restored to you. So concisely, if you’re infected by CryptoLocker, you’re totally screwed.
The attacks of CryptoLocker could come from various distinct sources, including USB drives, social networks, and spam e-mails etcetera.
In one strategy, it disguises itself as a genuine email attachment that asks the user to click on a zip file. It also spreads as an e-mail attachment claiming that there had been a problem clearing a cheque, and clicking the associated link downloads a Trojan called Gameover Zeus, which in turn installs Cryptolocker onto the victim’s PC.
Ever since CryptoLocker surfaces on the Internet, there have been diverse incidents where organizations and professionals have become the prey, and have paid a ransom to revive their sensitive data.
Dell Secureworks had said that, between 200,000 to 250,000 computers had been infected by CryptoLocker so far. It is essentially well-known because of it use of robust encryption, a countdown timer and an entangled monetization scheme.
Security researchers have been digging hard to break the CryptoLocker Trojan, on the side note; one of the most efficient ways to dwindle the influence of CryptoLocker is to abstain from reading emails from an unfamiliar sender, or by creating routinely backups of your personal and sensitive data.
One other way is to keep your Antivirus up-to-date; It is always a good idea to pay few bucks to buy the premium Antivirus service, than installing the Free trial versions.