CTB Locker Ransomware Targets French Companies

A spam campaign delivering CTB Locker is targeting employees from French companies, Bitdefender researchers found.

The  spam e-mails  carry an attachment,a .cab file and a message claiming to be from a co-worker of the victim . The e-mails look like authentic bills and  are allegedly sent to management departments.


The e-mails invite people to open the .cab file, an auto-executable Microsoft archive. Once accessed, the CTB Locker cryptoware executes itself on the user’s computer and  ciphers any file found on the computer, along with everything it’s connected to – including external hard drive disks, file servers and backups.

The company is urged to pay a ransom to recover the encrypted files, within a very short period of time –  usually 72 hours.

How can users and companies protect themselves?

The e-mails usurp the identity of the victim’s co-worker, which adds a layer of trust and credibility to the scam . They are well-written, in the language of the user, making it even harder to identitfy the scam. Users are advised to be extremely careful when opening  e-mails from unknown senders, especially if they carry an attachment – it’s quite unusual to receive a .cab document. It’s also critical to use an anti-malware solution that proactively protects against threats, and to perform external backup of the company’s data on a regular basis in order  to avoid losing valuable data with a double-click.

This article is based on information provided courtesy of Profil Technology and Bitdefender researchers.

About the author

Alexandra GHEORGHE

Alexandra started writing about IT at the dawn of the decade - when an iPad was an eye-injury patch, we were minus Google+ and we all had Jobs. She has since wielded her background in PR and marketing communications to translate binary code to colorful stories that have been known to wear out readers' mouse scrolls. Alexandra is also a social media enthusiast who 'likes' only what she likes and LOLs only when she laughs out loud.

Add Comment

Click here to post a comment