CryptoLocker is Evolving Faster Than We Can Stop It

CryptoLocker is on the move, and you won’t like where it’s headed next.

What started out as a relatively easy-to-spot method of infection, dodgy email attachments, has now evolved into a much more sophisticated network of attack vectors and applications, all of which can deal devastating damage to your computer and the personal files contained within.

Since first rearing its ugly head back in September of last year, CryptoLocker has infected nearly 250,000 computers worldwide, and is spreading faster than most researchers know what to do with. Because the idea of holding users’ data “hostage” is so popular with hackers (and effective at generating cash), it has caught on like wildfire. Dozens of previously dormant groups of malware mailers have now sprouted up with their own customized versions of CryptoLocker, including this new variant, which uses fake Adobe Photoshop and Microsoft Office updates to weasel its way onto a potentially targeted machine.


A security blogger for Trend Micro elaborates:

“Rather than relying on a downloader malware — often UPATRE — to infect systems, this malware pretends to be an activator for various software such as Adobe Photoshop and Microsoft Office in peer-to-peer (P2P) file sharing sites.”

From there, it’s a simple process of running the automated program and displaying the warning to whichever unlucky soul opened the wrong file. That person then finds themselves at the mercy of Russian or Southeast Asian hackers, equipped with a seemingly invincible virus that has yet to see a single fix in the months that labs around the world have spent analyzing it.

The trend is so hot in black hat communities right now, researchers have had to concoct an entirely new term for this style of attack — dubbed “ransomware”. By taking control of people’s personal data, hackers can actually hold their photos, music, professional projects, and email archives hostage until the person agrees to pay a pre-determined amount through Bitcoin or MoneyPak debit cards that can be purchased at local drug stores and grocery outlets in the United States and the UK.

Reportedly, it’s these two countries that have taken the majority of the hit, likely because the hackers realize that only the most affluent of people would be able to afford that price offhand, and they generally have larger libraries of digital images that can be used as collateral against them after the infection takes over. As of right now, only those running Windows-based machines can contract the virus, although no one has reported sightings on any devices running versions of Windows 8.0 and up.
