CryptoTorLocker2015
Posted: February 2, 2015
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 10/10 |
---|---|
Infected PCs: | 9 |
First Seen: | February 2, 2015 |
---|---|
Last Seen: | January 9, 2019 |
OS(es) Affected: | Windows |
CryptoTorLocker2015 is a file encryptor Trojan that uses a XOR algorithm to scramble the contents of common types of files and make those files temporarily unusable. Although CryptoTorLocker2015 displays multiple messages recommending that you pay a fee to reverse this attack, malware experts already have found free decryptors uploaded to the Web by independent security researchers. Because of the possible complications arising from additional threats responsible for CryptoTorLocker2015's installation, removing CryptoTorLocker2015 and other threats always should proceed with the help of qualified anti-malware tools prior to any attempt at file recovery.
The File Lockdown that's Easier to Escape than You'd Suspect
The popularity of ransomware as a means of collecting money isn't always backed up by strong programming skills on the part of the responsible persons. While CryptoTorLocker2015 is a new file encrypting Trojan, CryptoTorLocker2015 uses a simpler encryption method than that of most comparable Trojans, along with ransom images seemingly 'borrowed' from its competition in the threat industry. However, CryptoTorLocker2015 still is capable of targeting broad ranges of file types on your hard drive, encrypting them and then modifying their file names with the '. CryptoTorLocker2015!' extension. Folders with CryptoTorLocker2015-modified files also will include additional text instructions on paying CryptoTorLocker2015's ransom.
CryptoTorLocker2015's ransom note, although provided in English, appears to have been written with the help of an incompetent auto-translation tool. A modified wallpaper image duplicates this message's purpose, and an additional pop-up window provides the prompt for entering the decryption password. CryptoTorLocker2015 requests the payment of 0.5 Bitcoins (slightly over one hundred USD) before its admin will provide the password for unlocking your files. However, malware experts found several, significant weaknesses in CryptoTorLocker2015:
- Because CryptoTorLocker2015 stores its password locally on your PC, professionals in the PC security industry may be able to retrieve its password, 'tricking' CryptoTorLocker2015 into beginning the decryption process. In contrast, most file decrypting Trojans use passwords uploaded to them from external servers.
- Even if you're unable to acquire CryptoTorLocker2015's password, free decryption tools should be able to break CryptoTorLocker2015's simple, XOR-based encryption code with minimal issues. Note that some PC security tools may inaccurately identify CryptoTorLocker2015 decryptors as variants of CryptoTorLocker2015 (due to their using similar text strings).
Until you decrypt the data on your PC, any files modified by CryptoTorLocker2015 will be unreadable, which may cause any associated software to fail to function properly.
The Final Verdict for a File Locking Trojan
CryptoTorLocker2015 may use primitive means of attacking your data, but still may prevent you from accessing it, and may be being distributed by other threats with additional attack capabilities. Malware experts have seen some symptoms associated with CryptoTorLocker2015 infections that can't be explained by CryptoTorLocker2015's file-locking capabilities; acting swiftly to disinfect your PC is heavily encouraged. Once you've deleted CryptoTorLocker2015 and any other threats with appropriate anti-malware products, you then can decrypt your files.
Alternatively, file decryption can be considered entirely unnecessary, for PC users who bother to back their PC's data up regularly. A remote file backup on a cloud storage service, USB drive or other, external location can provide an extra layer of protection from file encryptors like CryptoTorLocker2015.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.