Skip to content

How Cryptolocker encrypts your files and extracts a ransom (Video demo)

ransomwareRecently we told you about how Sophos protects you from the nasty Cryptolocker ransomware. Now we’d like to give you a little demonstration of how it spreads, how it encrypts files, and how it extracts a ransom from its victims.

Our Support teams have put together a video demonstration (embedded below) that shows what Cryptolocker actually looks like and how it works.

We’ll show you what the file looks like when it infects a computer (claiming to be a PDF document), what happens when it executes, and how the cybercriminals expect you to pay up (they offer to let you pay in bitcoins). You’ll also see how layers of protection from Sophos keep this from happening.

Remember though—you really don’t want to try this at home. If you see the ransom message from Cryptolocker on your computer, it’s too late. Your files are already encrypted, and only the ransom-takers have the encryption key to set them free. It’s much better to protect yourself proactively and keep your files backed up. We don’t recommend paying the ransom.

For more information on this type of threat, you can also download our whitepaper on ransomware (registration required), or use our Knowledgebase.

Watch Cryptolocker in action!

How to Stay Secure

You need layers of protection to keep your files safe before an infection. Sophos Endpoint Antivirus and Enduser Protection Suites block Cryptolocker from ever getting onto your system. Learn more about how we keep you and your important files safe at


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!