March 24, 2021

What is CryptoLocker Ransomware and How Does it Work?

By Courtney Heinbach

Preventative cybersecurity measures have become increasingly necessary as organizations around the world face rising threats. While there is, unfortunately, no foolproof way to protect against ransomware attacks, there are steps managed service providers (MSPs) can take to educate their clients about the various ransomware strains that could drastically impact business operations.

According to our annual State of the Channel Ransomware Report, MSPs report that CryptoLocker is the top ransomware variant impacting clients. Your clients’ employees may not have heard of this particular ransomware strain (or any others for that matter), so the best thing you can do is help them understand the basics.

What is CryptoLocker Ransomware?

Some of the earliest strains of ransomware can be traced back as far as the 1980s, with payments demanded through snail mail. As ransomware has developed, most hackers now charge the ransom in cryptocurrency such as Bitcoin, or by credit card. Fortunately, with technology as it stands today, paying the ransom is not your only option when it comes to recovering your data.

CryptoLocker ransomware emerged in 2013, infecting over 250,000 devices in its first four months. CryptoLocker encrypts Windows operating system files with specific file extensions, making them inaccessible to users. Once files are encrypted, hackers threaten to delete the CryptoLocker decryption key that unlocks files unless they receive payment in a matter of days in the form of Bitcoins, CashU, Ukash, Paysafecard, MoneyPak, or pre-paid cash vouchers.

How to protect clients’ devices against CryptoLocker

For MSPs, client education is key, along with antivirus, email filtering, and other ransomware prevention tools. CryptoLocker is primarily executed via phishing emails with malicious attachments, so MSPs should prioritize educating their clients on how to identify a phishing attempt.

CryptoLocker is often executed via phishing emails mimicking Microsoft, Autodesk, FedEx, and UPS, and it targets users in the US, UK, Australia, Canada, India, and across Europe and Asia.
