Analyst: Despite FBI claims, Cryptolocker still a threat

The dreaded Cryptolocker virus is still a threat, says Tyler Moffitt, a threat research analyst at security firm Webroot.
Cryptolocker is one of the most infamous recent forms of “ransomware” to have infected PCs. It locks access to files and demands a ransom payment in bitcoins to restore it. Understandably, Bitcoin is a preferred method of payment because it grants anonymity to the attacker. Tor, which can make transactions somewhat anonymous, is another method.
In one string of infections, Israeli victims reached out to a local Bitcoin exchange to buy the bitcoins they desperately needed. The exchange reportedly took the liberty to waive fees and notify police on their behalf.
In a blog post titled “Cryptolocker is not dead”, Moffitt says that FBI claims of having neutralized the virus are dubious. The FBI previously claimed that “Cryptolocker has been neutralized by the disruption and cannot communicate with the infrastructure used to control the malicious software.” Moffitt explains:
“The reason why this claim should be scrutinized is because it is only the samples dropped on victims’ computers that communicated to those specific servers seized that are no longer a threat. All samples currently being deployed by different botnets that communicate to different command and control servers are unaffected by this siege…”
Malware authors can simply “rent” space from other botnet servers, and there are plenty available.
In addition, Moffitt says that malware authors have since built viruses more advanced than Cryptolocker, such as CryptoWall, New CryptoLocker, DirCrypt and CryptoDefense.
He points to several examples of continued attacks by Cryptolocker or its variants. He also discusses some best practices for coping with them if you fall prey.
I think the FBI, with whatever good intention they had, made a huge mistake by saying that they had completely “neutralized” cryptolocker. There are still many cases of users getting infected by it, and as you rightly mentioned, the malware authors can simply go on to another botnet server and rent some space there to continue their attacks. If you still don’t have a program to protect your PC, I recommend you look into Rollback RX. It is a comprehensive software that works on a system of snapshots, so if you were to get infected by this ransomware, you would…