Hey! You must login or signup first!

Cryptolocker_program

Submission   2,342

Part of a series on Ransomware. [View Related Entries]

Overview

CryptoLocker malware attack was a ransomware Trojan virus which targeted computers running Microsoft Windows operating systems that was first detected by Dell SecureWorks in September 2013[1].

Background

Mechanism

Cryptolocker infections normally begin via infected email attachments, and via an existing botnet; when activated, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers.

Ransomware

Cryptolocker builds up on the successes of ransomware in the recent years, though ransomware as a distinct type of malware is not new. One of the earliest pieces of malware that was written specifically to make money, rather than simply to illustrate a point, was the AIDS Information Trojan of 1989[2]. It makes use of encryption methods for malicious purposes as criminal methods become more and more sophisticated each year, similar to the GPCode trojan, whose keys were cracked in 2008[3]. Over the past years, ransomware has become significantly more prevalent and the malware authors have written significantly more clever and scary versions[4].

Developments

Since its discovery and its debut in Great Britain, CryptoLocker infected more than 234,000 computers worldwide, including more than 100,000 in the U.S., and generated its cyber-criminal creators more than $380,000 in revenue. This, along with its sophistication of getting past security programs to complete their infection of computers surreptitously, had led security writers to call it a "diabolical twist on an old scam"[5][6]. It gained notoriety in November 2013.

At the end of May 2014, U.S. and foreign law enforcement agents seized the computers that distributed CryptoLocker. Although Cryptolocker was neutralized, it is only a matter of time before malware writers devise a new method of attack.

CryptoWall

CryptoWall is a copy of the Cryptolocker malware that first surfaced in February 2014. Filling the voidIt has infected over 600,000 computers, encrypting five billion files, which made CryptoWall "the largest and most destructive ransomware threat on the Internet" at the time of the discovery. However, unlike Cryptolocker, it was less effective at generating income for its creators[8].

Search Interest

External References

[1] Dell SecureWorks – "":http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware/ | Posted on 12-18-13.

[2] Naked Security – Destructive malware "CryptoLocker" on the loose – here's what to do | Posted on 10-12-13.

[3] Kaspersky Lab – Kaspersky System Watcher – Safeguarding user data with Kaspersky Cryptomalware Countermeasures Subsystem

[4] Forbes – Computer Virus Spreading That Means You Never Get To See Your Files Again | Posted on 10-22-13.

[5] Forbes – Cryptolocker Thieves Likely Making 'Millions' As Bitcoin Breaks $1,000 | Posted on 11-27-13.

[6] Brian Krebs (KrebsonSecurity.com) – CryptoLocker Crew Ratchets Up the Ransom | Posted on 11-13-2013.

[7] USA Today – Federal agents knock down Zeus Botnet, CryptoLocker | Posted on 6-2-14.

[8] PC World – CryptoWall ransomware held over 600K computers hostage, encrypted 5 billion files | Posted on 8-29-14.



Share Pin

Related Entries 3 total

Wanadecrypt0r
WannaCry Ransomware Attack
Cover3
2021 U.S. East Coast Gas Shor...
Maxresdefault
2017 Peyta Ransomware Attack

Recent Images 0 total

There are no recent images.


Recent Videos 0 total

There are no recent videos.




Load 12 Comments
CryptoLocker Ransomware Attack

CryptoLocker Ransomware Attack

Part of a series on Ransomware. [View Related Entries]

Updated Apr 11, 2018 at 08:27PM EDT by Brad.

Added Aug 30, 2014 at 01:13PM EDT by Bryan See.

PROTIP: Press 'i' to view the image gallery, 'v' to view the video gallery, or 'r' to view a random entry.

This submission is currently being researched & evaluated!

You can help confirm this entry by contributing facts, media, and other evidence of notability and mutation.

Overview

CryptoLocker malware attack was a ransomware Trojan virus which targeted computers running Microsoft Windows operating systems that was first detected by Dell SecureWorks in September 2013[1].

Background

Mechanism

Cryptolocker infections normally begin via infected email attachments, and via an existing botnet; when activated, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers.

Ransomware

Cryptolocker builds up on the successes of ransomware in the recent years, though ransomware as a distinct type of malware is not new. One of the earliest pieces of malware that was written specifically to make money, rather than simply to illustrate a point, was the AIDS Information Trojan of 1989[2]. It makes use of encryption methods for malicious purposes as criminal methods become more and more sophisticated each year, similar to the GPCode trojan, whose keys were cracked in 2008[3]. Over the past years, ransomware has become significantly more prevalent and the malware authors have written significantly more clever and scary versions[4].

Developments

Since its discovery and its debut in Great Britain, CryptoLocker infected more than 234,000 computers worldwide, including more than 100,000 in the U.S., and generated its cyber-criminal creators more than $380,000 in revenue. This, along with its sophistication of getting past security programs to complete their infection of computers surreptitously, had led security writers to call it a "diabolical twist on an old scam"[5][6]. It gained notoriety in November 2013.

At the end of May 2014, U.S. and foreign law enforcement agents seized the computers that distributed CryptoLocker. Although Cryptolocker was neutralized, it is only a matter of time before malware writers devise a new method of attack.

CryptoWall

CryptoWall is a copy of the Cryptolocker malware that first surfaced in February 2014. Filling the voidIt has infected over 600,000 computers, encrypting five billion files, which made CryptoWall "the largest and most destructive ransomware threat on the Internet" at the time of the discovery. However, unlike Cryptolocker, it was less effective at generating income for its creators[8].

Search Interest

External References

[1] Dell SecureWorks – "":http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware/ | Posted on 12-18-13.

[2] Naked Security – Destructive malware "CryptoLocker" on the loose – here's what to do | Posted on 10-12-13.

[3] Kaspersky Lab – Kaspersky System Watcher – Safeguarding user data with Kaspersky Cryptomalware Countermeasures Subsystem

[4] Forbes – Computer Virus Spreading That Means You Never Get To See Your Files Again | Posted on 10-22-13.

[5] Forbes – Cryptolocker Thieves Likely Making 'Millions' As Bitcoin Breaks $1,000 | Posted on 11-27-13.

[6] Brian Krebs (KrebsonSecurity.com) – CryptoLocker Crew Ratchets Up the Ransom | Posted on 11-13-2013.

[7] USA Today – Federal agents knock down Zeus Botnet, CryptoLocker | Posted on 6-2-14.

[8] PC World – CryptoWall ransomware held over 600K computers hostage, encrypted 5 billion files | Posted on 8-29-14.

Recent Videos

There are no videos currently available.

Recent Images

There are no images currently available.


Top Comments

­­­Alex Mercer
­­­Alex Mercer Moderator


Sometimes i hate KYM userbase.. I really do.
Back to the entry.. Well only the first sentence plagiarized from wikipedia but doesn't matter. Resarch is pretty good too.. But there is just one and biggest problem on this entry..
How is this a meme? This doesn't have any kind of social impact on the net, it never been parodied, it never became the biggest topic on twitter, fb, exc..
Brian.. Can you take a minute to read this thing please?

+4

+ Add a Comment

Comments (12)


Display Comments

Add a Comment