ESET researchers have spotted a new variant of ransomware - CTB-Locker spreading in Europe and Latin America over the past two days. It encrypts user’s files and requests ransom in Bitcoins.
Infection starts when victims receive an e-mail with the subject “fax”, containing an attachment infected with Win32/TrojanDownloader.Elenoocka.A – a trojan downloader which after connecting to Internet downloads other malware – in this case the Win32/FileCoder.DA, known as CTB-Locker. Upon successful opening in the victim’s device, CTB-Locker encrypts all files on the device, locks its screen and displays a ransom message.
For more detailed analysis of CTB-Locker ransomware, please visit WeLiveSecurity.com.
Raphael Labaca Castro
Editor in Chief, We Live Security
Discover ESET
Our vision, values and technology.
Over 30 years of digital security innovation.
Newsroom
Get the latest ESET updates.
Company news at your fingertips.
Contact information for media and agencies.
Careers
Build a career with ESET.
Progress your career with ESET.