CTB-Locker Ransomware is a ransomware created by cyber hackers to encrypts files in the infected computers for the purpose of asking for ransom from its victims. This ransomware can target different versions of Windows such as Windows XP, Windows Vista, Windows 7, and Windows 8. Basically, this ransomware enters your computer by making use of your system vulnerabilities. When you visit the malicious websites, download free applications from unsafe sources, click on suspicious links or open spam email attachments, you may have a greater chance to get this ransomware downloaded on your computer system.
Once installed on your PC, this ransomware will first modify your system settings and inject its star-up registry entries into your Windows registry. By doing so, it ensure an automatic running whenever the Windows is launched. Then, it starts encrypting a variety of files stored in your system, such as .doc, .jpg, .mp4, .cer, .pem, .db files. Consequently, you will not be able to access those encrypted files. Once the encryption is done, this ransomware will show a message on your computer screen, demanding you to pay ransom in order to regain the access to your personal files. The message looks like this:
Your personal files are encrypted by CTB-Locker.
Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer.Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key.You only have 96 hours to submit the payment. If you do not send money within provided time, all your files will be permanently crypted and no one will be able to recover them.Press “View” to view the list of files that have been encrypted.Press “Next” for the next page.WARMING! DO NOT TRY TO GET RID OF THE PROGRAM YOURSELF. ANY ACTION TAKEN WILL RESULT IN DECRYPTION KEY BEING DESTROYED. YOU WILL LOSE YOUR FILES FOREVER. ONLY WAY TO KEEP YOUR FILES IS TO FOLLOW THE INSTRUCTION.
It is not suggested that you follow the instruction to obtain the private key which allows you to decrypt the files, or else your online banking account details might be captured by the cyber hackers without your knowledge. In fact, this ransomware can allow the remote cyber hackers to gain unauthorized access to your system and monitor all activities on your computer. If you want to regain access to your personal files, you need to find out the effective way to get rid of this ransomware, instead of following the instruction on the message. Have no clues how to perform the removal? Then, you can try the methods introduced below. Read more by clicking here.
No comments:
Post a Comment