HOW DOES CRYPTOLOCKER WORK?
Cryptolocker is a new sophisticated malware that first began appearing around 2013. It is designed to scan hard drives for files with extensions from a hard-coded range, file extensions including: .pst to .doc to .xls to .png and .jpg and many more formats. As soon as the scan is complete, the malware encrypts the detected files with AES algorithm and then encodes the AES key with an RSA cryptosystem.
We provide cryptolocker removal services to companies in the Howard County, MD area. If you company is in need of cryptolocker removal or cryptolocker prevention services don’t hesitate to contact our experienced professionals!
1. Malware Delivery
Cryptolocker malware is mostly being delivered via email attachment
2. File Encryption
Once downloaded, the malware scans all files and encrypts them
3. Ransom Alert
When the encryption is complete, you will be prompted a deadline alert to pay a fee
4. Payment
To decrypt and regain access to your files, you’re required to pay in Cryptocurrency
The encryption technology used by Cryptolocker is almost impossible to break even with brute force attacks unless paying the ransom. But you have to keep in mind that paying the ransom doesn’t guarantee the criminal will indeed send a decryption key.
When the time runs out, the Cryptolocker deletes itself from your system, but your business is left with encrypted documents forever, and there’s nothing you can do to retrieve them.
After over a decade, Cryptolocker malware has grown its demographic. In the early days, it only attacked personal computers or individuals but now it silently began targeting the business sector. There is an estimated 100 million dollars of financial damage that organizations paid, not only for the ransom but also penalties for breaching the Data Protection Act.