Beware of CTB-Locker – the new file-encrypting ransomware programme.
Cybercriminals are spreading a new file-encrypting ransomware program that’s more powerful and resilient than Cryptolocker, a threat recently shut down by the U.S. Department of Justice that is a big threat to businesses and home PC users.
If you receive any unexpected emails; especially from HMRC and/or various banks (but not limited to) then please DO NOT OPEN THEM.
Swindon IT specialist Sensata are ready to give support to businesses who have received suspicious email or their machines have been compromised by this deadly virus. Call 01793 250030.
If opened, shut down your PC immediately (press and hold the power button, until the machine turns off) and phone Sensata. This virus will run a programme in the background that will encrypt your files, then it will connect to any network drives you have and start encrypting files on your network.
Once it has completed, you will then be presented with a message advising you to pay a sum of money in order to decrypt the files.
The private key, which is used to decrypt the files, is stored on a remote command-and-control server, that can only be accessed over the Tor anonymity network.
This is a precaution that the creator has taken in order to make it difficult for law enforcement agencies or security researchers to identify and shut down the server.
There is no guarantee that you will be given the required private key to access your files.
There is no way to decrypt the files. If you receive this email your business/home pc is at serious risk.