Don’t get taken! How to avoid ransomware like CTB-Locker


F-Secure Labs is detecting a sudden flurry of new infections from the CTB Locker ransomware. This sort of malware literally hold your files for a ransom, demanding a payment for their return by a certain time.

This particular variety is spreading through email spam and demands $650 USD or $575 Euros.

“There is no known way to break the encryption used by CTB-Locker,” Artturi from the F-Secure Labs writes. “Therefore the only way for a victim to get their files back is from back ups or by receiving the decryption key from the malware operators. However, you should never pay the ransom, as you’ll only help finance the criminal activities of malware operators! There is also no guarantee paying the ransom will actually get you your files back. That’s entirely up to the trustworthiness of the criminals.”

Catch those subtle last few words?

“…trustworthiness of the criminals.” That’s who you’re relying on. There’s no becoming Liam Neeson and tracking these guys down.

If you don’t want to put yourself at the mercy of lawbreakers, here are the three basic things you should do now.

1. Ensure you are running an up-to-date antivirus solution. F-Secure Labs already detects this threat along with attachments that have spread it.
2. You should also take care to not open executable files received as email attachments. (Yes, it’s 2015 and we still give this advice because some people obviously haven’t heard it yet.)
3. Most importantly, you should make regular back ups of all your data.

If you want to get into the technicalities of this threat or are the administrator of a network, read the full Labs post.



Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

You might also like