Author

Topic: CTB-Locker ransomware virus! (Read 1364 times)

legendary
Activity: 1960
Merit: 1176
@FAILCommunity
February 03, 2015, 12:54:47 PM
#10
I wonder how they hide the encryption key in their code, so that nobody can extract it...  Huh

CTB-Locker renames your files with 6 or 7 letters after the original file extension (example: table.xls.srbcgxz). That "srbcgxz" is actually your "ticket" for the line of people who are willing to pay the ransom and it gives you unique unlock key which is about 3 times longer that normal Windows serial number. I saw that you can buy the kit for like $3,000. I wonder what can happen if some antivirus company decide to buy the kit and crack the code. Smiley

Just pay the ransom. Problem solved.


 Tongue

Unfortunately currently this is the only way (if you don't have backup).
sr. member
Activity: 326
Merit: 250
King of all the land
February 03, 2015, 11:57:02 AM
#9
Just pay the ransom. Problem solved.


 Tongue
legendary
Activity: 924
Merit: 1000
February 03, 2015, 11:12:19 AM
#8
10x for the information i will remember the name and if i found some solution will post it here also if you find some solution post it here.

Well... as far as I remember the virus was first spotted in July, 2014. Old modification still has no solution so you can imagine how serious is the problem. Smiley

There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

I know about that virus since Cryptolocker. This one is nastier than ever and it seems that his last modification is from January this year. It is impossible to decrypt the files, because of the cryptography used in the virus.


I wonder how they hide the encryption key in their code, so that nobody can extract it...  Huh
legendary
Activity: 1960
Merit: 1176
@FAILCommunity
February 03, 2015, 05:52:43 AM
#7
10x for the information i will remember the name and if i found some solution will post it here also if you find some solution post it here.

Well... as far as I remember the virus was first spotted in July, 2014. Old modification still has no solution so you can imagine how serious is the problem. Smiley

There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

I know about that virus since Cryptolocker. This one is nastier than ever and it seems that his last modification is from January this year. It is impossible to decrypt the files, because of the cryptography used in the virus.
legendary
Activity: 1960
Merit: 1176
@FAILCommunity
February 03, 2015, 05:50:41 AM
#6
There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

I know about that virus since Cryptolocker. This one is nastier than ever and it seems that his last modification is from January this year. It is impossible to decrypt the files, because of the cryptography used in the virus.
legendary
Activity: 924
Merit: 1000
February 03, 2015, 02:29:39 AM
#5
There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

That thing is really bad. Better you have a recent backup!!!
b!z
legendary
Activity: 1582
Merit: 1010
February 03, 2015, 02:19:57 AM
#4
There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant
legendary
Activity: 924
Merit: 1000
February 03, 2015, 02:01:21 AM
#3
I recommend to check every downloaded zip before extracting with virustotal.com!

Better be safe than sorry!!!
legendary
Activity: 1484
Merit: 1001
Crypto-News.net: News from Crypto World
February 03, 2015, 01:59:34 AM
#2
10x for the information i will remember the name and if i found some solution will post it here also if you find some solution post it here.
legendary
Activity: 1960
Merit: 1176
@FAILCommunity
February 02, 2015, 07:21:09 AM
#1
Hey guys,

Currently I am dealing with one PC which was infected by this virus. CTB-Locker explained by Kaspersky. There is EXTREMELY high possibility some people to post links (of wallets for example) to files infected by this virus (because it is also demands for payment in bitcoin). Currently there is NO WORKING solution of the problem and believe me.. this one is nasty. ALWAYS check what you are downloading!

Cheers,
Spartak

Jump to: