All About CTB Locker Ransomware

In June 2014, Operation Tovar, run by the U.S. Justice Department in collaboration with the FBI, Europol and some important names in the private sector, like Heimdal, Symantec, Trend Micro and McAfee, took down a large network controlled by hackers in Russia and Ukraine. They were using the Gameover platform to spread and infect systems with CryptoLocker, a dangerous piece of ransomware that encrypts your files and asks for a sum of money in exchange for the decryption key.

What is CTB Locker?

CTB Locker is one of the developments of CryptoLocker, the ransomware trojan that spreads mainly through spam and e-mail attachments.

The name of the ransomware, CTB, comes from its main advantages: Curve-Tor-Bitcoin.

Curve comes from its persistent cryptography based on elliptic curves, which encrypts the affected files with a unique RSA key.

Tor comes from the malicious server placed in an onion domain (Tor), which is very difficult to take down.

Bitcoin refers to the option to pay in Bitcoins, avoiding normal payment systems that can lead back to online criminals.

Crime as a Service

First, we need to establish the fact that we are dealing with a type of malware specifically developed to be used by online criminals

Read More: https://heimdalsecurity.com/blog/ctb-locker-ransomware/