What is Cryptolocker?
Cryptolocker is a ransomware virus that encrypts files on an infected computer and demands payment for key to decrypt the files. The original Cryptolocker virus first appeared in 2013 and was permanently neutralized in May 2014, but variations of Cryptolocker ransomware — some using the Cryptolocker name — continue to plague individuals and organizations today.
What happens during a Cryptolocker attack?
In a Cryptolocker attack, the virus arrives at a computer via an email or spam message that contains a weaponized attachments or links to a malicious website. The attachment may resemble an invoice, shipping notice, fax report or Office document. When the attachment is opened, the Cryptolocker virus encrypts a large number of files — presentations, spreadsheets, Word docs, PDFs, images and many others. Users then see a message informing them the files have been encrypted and instructing them how to pay the ransom to get the decryption code.
How to prevent Cryptolocker attacks
Cryptolocker prevention requires awareness among users and powerful anti ransomware technology that can prevent users from clicking on malicious links or opening malicious attachments. And when those measures fail to block ransomware like Cryptolocker, having robust backup and recovery tools can mitigate the damage caused by an attack.