The first time anyone came in contact with CryptoLocker was during the September 2013 period, after a lull in the number of ransomware attacks. Even though security experts were well aware the threat was far from over, CryptoLocker took all of them by surprise, as it was much harder to detect, or even fix without paying the associated fee.
Whoever developer CryptoLocker remains unknown to this point, but they were quite well versed in technology and encryption by the look of things. CryptoLocker was the first type of ransomware to use a 2048-bit RSA key pair to decrypt computer files, which is incredibly difficult to brute force.
Additionally, CryptoLocker uploaded this key pair to a command-and-control server, and a whitelist of file extensions was created which would then be encrypted by the ransomware. As is the case with any of these infections, users were greeted with a message asking them to pay a certain fee if they wanted to restore access to their files.
http://themerkle.com/news/ransomware-education-cryptolocker-introduced-timed-bitcoin-payments/
