How Cryptolocker encrypts your files and extracts a ransom (Video demo)

ransomwareRecently we told you about how Sophos protects you from the nasty Cryptolocker ransomware. Now we’d like to give you a little demonstration of how it spreads, how it encrypts files, and how it extracts a ransom from its victims.

Our Support teams have put together a video demonstration (embedded below) that shows what Cryptolocker actually looks like and how it works.

We’ll show you what the file looks like when it infects a computer (claiming to be a PDF document), what happens when it executes, and how the cybercriminals expect you to pay up (they offer to let you pay in bitcoins). You’ll also see how layers of protection from Sophos keep this from happening.

Remember though—you really don’t want to try this at home. If you see the ransom message from Cryptolocker on your computer, it’s too late. Your files are already encrypted, and only the ransom-takers have the encryption key to set them free. It’s much better to protect yourself proactively and keep your files backed up. We don’t recommend paying the ransom.

For more information on this type of threat, you can also download our whitepaper on ransomware (registration required), or use our Knowledgebase.

Watch Cryptolocker in action!


How to Stay Secure

You need layers of protection to keep your files safe before an infection. Sophos Endpoint Antivirus and Enduser Protection Suites block Cryptolocker from ever getting onto your system. Learn more about how we keep you and your important files safe at sophos.com/endpoint.

7 thoughts on “How Cryptolocker encrypts your files and extracts a ransom (Video demo)

  1. Pingback: Sophos expert talks about Cryptolocker and bitcoin ransom on CNBC (Video) | Sophos Blog

  2. Pingback: Cyber Monday brings warnings of increased attacks | Sophos Blog

  3. Pingback: Explaining botnets, exploit kits, Linux and Android malware (Podcast) | Sophos Blog

  4. Pingback: Sophos expert predicts rise of ransomware in 2014 | Sophos Blog

  5. Pingback: Decoding Cryptolocker: How it works and how to protect your files (Presentation) | Sophos Blog

  6. Pingback: Cryptolocker surfaces in fake UK Royal Mail emails, many victims willing to pay | Sophos Blog

  7. Pingback: How malware works: Anatomy of an attack in five stages (Infographic) | Sophos Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s