CTB-Locker ransomware virus!

[spartak_t]

Hey guys,

Currently I am dealing with one PC which was infected by this virus. CTB-Locker explained by Kaspersky. There is EXTREMELY high possibility some people to post links (of wallets for example) to files infected by this virus (because it is also demands for payment in bitcoin). Currently there is NO WORKING solution of the problem and believe me.. this one is nasty. ALWAYS check what you are downloading!

Cheers,
Spartak

[1715585338]

1715585338

[1715585338]

1715585338

[1715585338]

1715585338

[1715585338]

1715585338

[1715585338]

1715585338

[1715585338]

1715585338

[azguard]

10x for the information i will remember the name and if i found some solution will post it here also if you find some solution post it here.

[dsattler]

I recommend to check every downloaded zip before extracting with virustotal.com!

Better be safe than sorry!!!

[b!z]

There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

[dsattler]

There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

That thing is really bad. Better you have a recent backup!!!

[spartak_t]

There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

I know about that virus since Cryptolocker. This one is nastier than ever and it seems that his last modification is from January this year. It is impossible to decrypt the files, because of the cryptography used in the virus.

[spartak_t]

10x for the information i will remember the name and if i found some solution will post it here also if you find some solution post it here.

Well... as far as I remember the virus was first spotted in July, 2014. Old modification still has no solution so you can imagine how serious is the problem.

There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

I know about that virus since Cryptolocker. This one is nastier than ever and it seems that his last modification is from January this year. It is impossible to decrypt the files, because of the cryptography used in the virus.

[dsattler]

10x for the information i will remember the name and if i found some solution will post it here also if you find some solution post it here.

Well... as far as I remember the virus was first spotted in July, 2014. Old modification still has no solution so you can imagine how serious is the problem.

There was a news article on it last year: http://www.coinbuzz.com/2014/07/29/ctb-locker

It's still quite relevant

I know about that virus since Cryptolocker. This one is nastier than ever and it seems that his last modification is from January this year. It is impossible to decrypt the files, because of the cryptography used in the virus.

I wonder how they hide the encryption key in their code, so that nobody can extract it... 

[nomoreheroes7]

Just pay the ransom. Problem solved.


 

[spartak_t]

I wonder how they hide the encryption key in their code, so that nobody can extract it...  

CTB-Locker renames your files with 6 or 7 letters after the original file extension (example: table.xls.srbcgxz). That "srbcgxz" is actually your "ticket" for the line of people who are willing to pay the ransom and it gives you unique unlock key which is about 3 times longer that normal Windows serial number. I saw that you can buy the kit for like $3,000. I wonder what can happen if some antivirus company decide to buy the kit and crack the code.

Just pay the ransom. Problem solved.


 

Unfortunately currently this is the only way (if you don't have backup).