Security Experts Fail to Disable CryptoLocker

Dennis Faas's picture

A group of security experts have failed in their bid to disable the dreaded CryptoLocker malware. That means the crooks behind CryptoLocker continue to use the ransomware scheme to demand hundreds (or even thousands) of dollars in bitcoins from their victims.

The security group 'Malware Must Die' attempted to disable CryptoLocker by taking down a list of domains known to be associated with the cybercriminals behind the scam. Malware Must Die reportedly started its offensive last weekend.

New reports suggest the campaign was successful in suspending an estimated 138 domains associated with CryptoLocker. However, security experts say the operation failed to kill off CryptoLocker and acknowledge that the ransomware continues to pose a threat.

Death of CryptoLocker Reports "Premature"

It's disappointing news for law enforcement officials and security experts who initially thought Malware Must Die's operation had been successful.

"It is no surprise that the announcements of the death of CryptoLocker appear to have been somewhat premature," noted Scotland Yard detective and technical consultant Adrian Culley.

Culley added that "an essential part of the process is post-takedown analysis," but acknowledged that "the botnet is very much still alive and kicking." (Source:

Still, there's hope yet. Culley says experts' post-takedown analyses could help them learn more about the ransomware and the cybercriminals behind the surprisingly successful scheme.

"Efficient post-mortems lead to better surgery, and this is just as true of botnet remediation as it is medically," Culley said.

How to Avoid a CryptoLocker Ransom

With CryptoLocker remaining a potent threat, security experts are warning everyone -- including home and business users -- to take certain precautions in order to prevent an infection.

First, back up your data. A cybercrook can't hold your files ransom if you have another way to access them.

Second, take care when opening emails. Most CryptoLocker infections have spread through malicious emails attachments.

"Like any other piece of malware, common sense goes a long way," notes Jason Glassberg, of security company Casaba. "The critical thing is it's not going to install files by itself. You have to initiate some action." (Source:

Rate this article: 
Average: 3.5 (2 votes)