Once again, there is a new type of ransomware in town, which shows a lot of similarities with the once feared CTB-Locker malware strain. However, this tool does something differently, as it uses WinRAR to lock data in password-protected zip files. This is an interesting take on file encryption, although it may not be as worrisome as people may think at first glance.
Throughout the past few months, internet criminals have been stepping up their game when it comes to creating powerful ransomware. Even though CTB-Faker borrows a lot of its code from CTB-Locker, do not take this threat lightly. Getting infected with this malware will make computer files inaccessible, which is never a good thing.
That being said, it is possible to decrypt the data, although it will take a more complicated process than normal. Interestingly enough, CTB-Faker often spreads through adult websites, particularly those promoting private striptease dance videos. Platform visitors are invited to download a zip file containing an executable file, containing the CTB-Faker ransomware.
So far, this method of attack has proven to be quite lucrative for internet criminals. One of the Bitcoin addresses used by this malware has received 577 BTC in payments so far. Not bad for a rather harmless ransomware, even though it can be quite annoying to deal with for the average user. Paying the ransomware fee of US$50 in Bitcoin is usually the preferred action, as it is a rather small price to pay compared to other forms of malware.
Security researchers have discovered the CTB-Faker name is aptly chosen, considering how little of a threat this malware truly poses. Instead of using SHA-512 and RSA-4096 encryption to lock files, it uses the standard encryption used by the WiNRAR software. One researcher has found a way to break this encryption for free, and he will gladly help infected users do so.
While the ransom note provided by CTB-Faker may be very worrisome, none of its claims can be backed up. Moreover, the low ransom price point makes it appealing to less tech-savvy computer users to just pay the money and have file access restored. But rest assured a free solution is available when reaching out to the right people.
Image credit 1
If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.
Ethereum developers have officially named the network’s post-Glamsterdam 2026 upgrade Hegota. The name merges two…
TRON is pushing deeper into real-world financial infrastructure. TRON has announced that Kalshi, the world’s…
The “crypto Robin Hood” story has reached its legal end. A London court has sentenced…
$NEAR is now live on Solana. And the implications go far beyond a simple token…
Bitcoin moved fast. Then it pulled back just as quickly. A sudden surge pushed BTC…
Hyperliquid is facing one of its most consequential governance moments yet. A proposal now before…
