Security Researcher Provides Free Decryption of CTB-Faker Ransomware

Once again, there is a new type of ransomware in town, and it shows a lot of similarities with the once-feared CTB-Locker malware strain. However, this tool does something different: it uses WinRAR to lock data in password-protected zip files. This is an interesting take on file encryption, although it may not be as worrisome as people may think at first glance.

CTB-Faker Ransomware Is A Different Breed

Throughout the past few months, internet criminals have been stepping up their game when it comes to creating powerful ransomware. Even though CTB-Faker borrows a lot of its code from CTB-Locker, do not take this threat lightly. Getting infected with this malware will make computer files inaccessible, which is never a good thing.

That being said, it is possible to decrypt the data, although it will take a more complicated process than normal. Interestingly enough, CTB-Faker often spreads through adult websites, particularly those promoting private striptease dance videos. Platform visitors are invited to download a zip file containing an executable file, which in turn contains the CTB-Faker ransomware.



So far, this method of attack has proven to be quite lucrative for internet criminals. One of the Bitcoin addresses used by this malware has received 577 BTC in payments so far. Not bad for a rather harmless ransomware, even though it can be quite annoying for the average user to deal with. Paying the ransom of US$50 in Bitcoin is usually the preferred action, as it is a rather small price to pay compared to other forms of malware.

Security researchers have discovered the CTB-Faker name is aptly chosen, considering how little of a threat this malware truly poses. Instead of using SHA-512 and RSA-4096 encryption to lock files, it uses the standard encryption used by the WinRAR software. One researcher has found a way to break this encryption for free, and he will gladly help infected users do so.

While the ransom note provided by CTB-Faker may be very worrisome, none of its claims can be backed up. Moreover, the low ransom price point makes it appealing to less tech-savvy computer users to just pay the money and have file access restored. But rest assured a free solution is available when reaching out to the right people.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.
