CTB LOCKER RANSOMWARE

ImageSource

CTB LOCKER (Curve-Tor-Bitcoin Locker) also known by Critroni is an example of file encrypting malware infections. The ransomware was released middle of July 2014 targeting windows OS.
  • Curve - comes from its persistent cryptography based on elliptic curves, which encrypts the affected files with a unique RSA key.
  • Tor - comes from the malicious server placed in onion-domain which is very difficult to take down.
  • BitCoin- refers to the possibility to pay in BitCoins, avoiding normal payment systems that can lead back to attackers. 


**CTB-Locker is a ransomware variant that first encrypts the files, then claims you have 4 days (96 hours) to make the payment, and if the victim doesn't send money in time, their files gets permanently encrypted.

Comments

Post a Comment

Popular posts from this blog

SATANA RANSOMWARE

Image
SATANA Trojan encrypts files and corrupts windows Master Boot Record (MBR) thus blocking the Windows boot process. SATANA behaves quite similarly like the notorious PetyaRansomware . Image Source To encrypt PC files, PETYA relies on the help of a tagalong Trojan called Mischa, while SATANA manages tasks on its own. Once the ransomware start running it disappears, and hides under a different name in the %TEMP% folder. Then after it will always prompt the user to download a malicious file until they click yes. Once the action starts, the malicious code will be written to the beginning of disk. After it installs and runs its malicious code, SATANA then waits for the computer to reboot. But the system won’t start instead it will show a screen with the ransom note, like most ransomware.
Read more

CRYPTOVIROLOGY

Image
Cryptovirology is a field that studies and researches about various ways by which cryptography application can be used to design malicious software's. It investigates how modern cryptographic paradigms and tools can be used to strengthen, improve and develop new malicious software's for malware attacks. Cryptovirology is a forward engineering discipline that is primarily used for attacking rather defending. This field emerged with an observation that a public-key cryptography can be used to break the symmetry between what an antivirus analyst sees regarding a malware and what attacker observes. Antivirus analyst observes a public key contained in the malware whereas an attacker sees the public key contained in the malware as well as its corresponding private key outside the malware. This public key allows the malware to perform trapdoor function on victim's computer that attacker can only undo.
Read more