Recently we told you about how Sophos protects you from the nasty Cryptolocker ransomware. Now we’d like to give you a little demonstration of how it spreads, how it encrypts files, and how it extracts a ransom from its victims.
Our Support teams have put together a video demonstration (embedded below) that shows what Cryptolocker actually looks like and how it works.
We’ll show you what the file looks like when it infects a computer (claiming to be a PDF document), what happens when it executes, and how the cybercriminals expect you to pay up (they offer to let you pay in bitcoins). You’ll also see how layers of protection from Sophos keep this from happening.
Remember though—you really don’t want to try this at home. If you see the ransom message from Cryptolocker on your computer, it’s too late. Your files are already encrypted, and only the ransom-takers have the encryption key to set them free. It’s much better to protect yourself proactively and keep your files backed up. We don’t recommend paying the ransom.
For more information on this type of threat, you can also download our whitepaper on ransomware (registration required), or use our Knowledgebase.
Watch Cryptolocker in action!
How to Stay Secure
You need layers of protection to keep your files safe before an infection. Sophos Endpoint Antivirus and Enduser Protection Suites block Cryptolocker from ever getting onto your system. Learn more about how we keep you and your important files safe at sophos.com/endpoint.
Sophos expert talks about Cryptolocker and bitcoin ransom on CNBC (Video) | Sophos Blog
[…] and other ransomware threats. Watch the video created by our Support team to learn more about how Cryptolocker works, and what happens when Cryptolocker infects a […]
Cyber Monday brings warnings of increased attacks | Sophos Blog
[…] According to Chet, you should watch out for malicious links and attachments in spam. Never open attachments in spam messages claiming to be shipping notifications, Chet advises: they are delivering banking Trojans like Zeus (ZBot), and infecting victims with Cryptolocker ransomware. […]
Explaining botnets, exploit kits, Linux and Android malware (Podcast) | Sophos Blog
[…] of the largest botnets, called Zbot or Zeus, has recently been used to drop the Cryptolocker ransomware on infected machines. As John explains, a computer infected by Zbot/Zeus can be hit again and again […]
Sophos expert predicts rise of ransomware in 2014 | Sophos Blog
[…] other ransomware threats. Watch the video created by our Support team to learn more about how Cryptolocker works, and what happens when Cryptolocker infects a computer. You can also download our recent […]
Decoding Cryptolocker: How it works and how to protect your files (Presentation) | Sophos Blog
[…] behind it figure out ways to make more money from their victims. We’ve also showed you how it looks when Cryptolocker takes over your […]
Cryptolocker surfaces in fake UK Royal Mail emails, many victims willing to pay | Sophos Blog
[…] Watch a video of Cryptolocker in action […]
How malware works: Anatomy of an attack in five stages (Infographic) | Sophos Blog
[…] is downloaded onto the victim computer (infection). Finally, the malware (in this case also called ransomware) attempts to extort money from the […]