(also Cyber-Tor-Bitcoin Locker, Critoni. A)
CTB locker definition
A CTB locker is a type of ransomware and is part of the crypto-ransomware family. It was discovered in 2014 and is spread through infected emails and fake downloads, like fake Flash updates.
After the virus infects a device, it encrypts multiple files, including .xls, .doc, .docx, .psd, .ppt, and .pdf. Once the files are encrypted, the CTB locker demands a ransom payment in Bitcoin to decrypt the encrypted files.
A CTB locker can work on almost every Windows operating system version, including Windows XP, Vista, Windows 7, and Windows 8.
Most users who have been victims of a CTB locker have to pay the ransom if they want their files decrypted because it is challenging to decrypt them any other way.
CTB locker protection
Open email attachments with great caution. The main method of CTB locker spread is via email attachments. So users must be extremely cautious when opening attachments and should avoid opening attachments from unfamiliar email addresses.
Not all links should be opened. A CTB locker can also spread via fake download links. Users should avoid clicking on links sent by unfamiliar email addresses or websites that seem suspicious.
Create backups. Once files are encrypted with a CTB locker, it’s almost impossible to decrypt them without paying the ransom. However, data and server backups enable users to access their previous data, allowing them to get back the encrypted files. So even if someone experiences a CTB locker, they won’t have to pay the ransom because their data will be backed up. However, backups should be created in a different location, separate from all other files and apps, so they don’t get infected during a CTB locker attack.