Bitcoin Forum

Alternate cryptocurrencies => Altcoin Discussion => Topic started by: spartak_t on February 02, 2015, 12:21:09 PM



Title: CTB-Locker ransomware virus!
Post by: spartak_t on February 02, 2015, 12:21:09 PM
Hey guys,

Currently I am dealing with one PC which was infected by this virus. CTB-Locker is explained by Kaspersky (http://blog.kaspersky.com/new-version-ctb-locker/). There is an EXTREMELY high possibility that some people will post links (to wallets, for example) to files infected by this virus (because it also demands payment in bitcoin). Currently there is NO WORKING solution to the problem and believe me... this one is nasty. ALWAYS check what you are downloading!

Cheers,
Spartak



Title: Re: CTB-Locker ransomware virus!
Post by: azguard on February 03, 2015, 06:59:34 AM
10x for the information. I will remember the name, and if I find a solution I will post it here; if you find a solution, post it here too.


Title: Re: CTB-Locker ransomware virus!
Post by: dsattler on February 03, 2015, 07:01:21 AM
I recommend checking every downloaded zip with virustotal.com (http://virustotal.com) before extracting it!

Better be safe than sorry!!!


Title: Re: CTB-Locker ransomware virus!
Post by: b!z on February 03, 2015, 07:19:57 AM
There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant


Title: Re: CTB-Locker ransomware virus!
Post by: dsattler on February 03, 2015, 07:29:39 AM
There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

That thing is really bad. You'd better have a recent backup!!!


Title: Re: CTB-Locker ransomware virus!
Post by: spartak_t on February 03, 2015, 10:50:41 AM
There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

I have known about that virus since Cryptolocker. This one is nastier than ever and it seems that its last modification is from January this year. It is impossible to decrypt the files because of the cryptography used in the virus.


Title: Re: CTB-Locker ransomware virus!
Post by: spartak_t on February 03, 2015, 10:52:43 AM
10x for the information. I will remember the name, and if I find a solution I will post it here; if you find a solution, post it here too.

Well... as far as I remember, the virus was first spotted in July 2014. The old modification still has no solution, so you can imagine how serious the problem is. :)

There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

I have known about that virus since Cryptolocker. This one is nastier than ever and it seems that its last modification is from January this year. It is impossible to decrypt the files because of the cryptography used in the virus.


Title: Re: CTB-Locker ransomware virus!
Post by: dsattler on February 03, 2015, 04:12:19 PM
10x for the information. I will remember the name, and if I find a solution I will post it here; if you find a solution, post it here too.

Well... as far as I remember, the virus was first spotted in July 2014. The old modification still has no solution, so you can imagine how serious the problem is. :)

There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

I have known about that virus since Cryptolocker. This one is nastier than ever and it seems that its last modification is from January this year. It is impossible to decrypt the files because of the cryptography used in the virus.


I wonder how they hide the encryption key in their code, so that nobody can extract it...  ???


Title: Re: CTB-Locker ransomware virus!
Post by: nomoreheroes7 on February 03, 2015, 04:57:02 PM
Just pay the ransom. Problem solved.


 :P


Title: Re: CTB-Locker ransomware virus!
Post by: spartak_t on February 03, 2015, 05:54:47 PM
I wonder how they hide the encryption key in their code, so that nobody can extract it...  ???

CTB-Locker renames your files with 6 or 7 letters after the original file extension (example: table.xls.srbcgxz). That "srbcgxz" is actually your "ticket" for the line of people who are willing to pay the ransom, and it gives you a unique unlock key which is about 3 times longer than a normal Windows serial number. I saw that you can buy the kit for like $3,000. I wonder what can happen if some antivirus company decides to buy the kit and crack the code. :)

Just pay the ransom. Problem solved.


 :P

Unfortunately, this is currently the only way (if you don't have a backup).
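
The renaming pattern described in the post above (original name and extension followed by 6 or 7 extra letters, as in table.xls.srbcgxz) can be checked for in a file listing. The following is an added example, not part of the thread or of any vendor tool; the extension list, the benign-suffix list, the lowercase assumption and the sample paths are all constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Assumption: extensions treated as user documents; extend for your environment.
DOC_EXTS = {"doc", "docx", "xls", "xlsx", "pdf", "jpg", "txt", "ppt"}

# Assumption: ordinary 6-7 letter suffixes that should not raise an alert.
BENIGN = {"backup", "partial"}

# Pattern from the post: <name>.<original ext>.<6 or 7 letters>.
# Lowercase letters are assumed from the single example given there.
APPENDED = re.compile(r"^.+\.(?P<orig>[A-Za-z0-9]{2,5})\.(?P<tag>[a-z]{6,7})$")


def find_renamed(paths, min_files=3):
    """Group files by appended extension; report tags shared by >= min_files files.

    One odd file name is weak evidence. The same unknown suffix appended to
    several documents is the signal worth investigating.
    """
    hits = {}
    for p in paths:
        # PureWindowsPath splits on both "\\" and "/", so listings from
        # either platform work.
        name = PureWindowsPath(p).name
        m = APPENDED.match(name)
        if not m:
            continue
        if m.group("orig").lower() not in DOC_EXTS:
            continue
        if m.group("tag") in BENIGN:
            continue
        hits.setdefault(m.group("tag"), []).append(p)
    return {tag: files for tag, files in hits.items() if len(files) >= min_files}


# Constructed sample listing (not real data).
SAMPLE = [
    r"C:\Users\a\Documents\table.xls.srbcgxz",
    r"C:\Users\a\Documents\budget.xlsx.srbcgxz",
    r"C:\Users\a\Pictures\cat.jpg.srbcgxz",
    r"C:\Users\a\Documents\notes.txt",
    r"C:\Users\a\Documents\report.pdf.backup",
    r"C:\Users\a\Downloads\archive.tar.gz",
]

if __name__ == "__main__":
    for tag, files in find_renamed(SAMPLE).items():
        print(f"{len(files)} files share appended extension .{tag}")
```

A hit means files have already been renamed, so the useful response is to isolate the machine and restore from backup, as the thread recommends.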