CTB-Locker: Ransomware striking in Europe and Latin America

Next story

Infection starts when victims receive an e-mail with the subject “fax”, containing an attachment infected with Win32/TrojanDownloader.Elenoocka.A – a trojan downloader which after connecting to Internet downloads other malware – in this case the Win32/FileCoder.DA, known as CTB-Locker. Upon successful opening in the victim’s device, CTB-Locker encrypts all files on the device, locks its screen and displays a ransom message.

For more detailed analysis of CTB-Locker ransomware, please visit WeLiveSecurity.com.

Raphael Labaca Castro
Editor in Chief, We Live Security