
Fake Google Chrome update leads to CTB Locker/Critroni Ransomware

February 5th, 2015 | Waqas | Cyber Crime, Malware, Scams and Fraud, Security

A ransomware threat is on the loose that encrypts the data on the infected computer and then displays a message asking the victim to pay a fee to unlock the files. The ransomware is called Critroni, also known as CTB-Locker.

Chrome installers are downloaded from multiple locations:

The malicious payload is downloaded from websites that attackers have compromised in order to host it, Jerome Segura of Malwarebytes reported.


The threat works by dynamically redirecting the user to a page at assetdigitalmarketing[.]com/redirect[.]php. The victim is then presented with a file that appears to be an installer for Google Chrome. Encryption begins as soon as the installer is launched, and the ransom message is displayed once the operation completes.
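A defender can look for this redirect-then-installer pattern in web-proxy logs. The following detection script is an added example, not from the original article or from Malwarebytes; the log format, the placeholder host names and the trusted-domain list are assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains accepted as genuine Chrome download sources; adjust locally.
TRUSTED_DOMAINS = ("google.com",)
# File names that present themselves as a Chrome installer or update.
INSTALLER_NAME = re.compile(r"chrome[\w.\-]*\.(exe|msi|scr)$", re.IGNORECASE)

# Constructed proxy log (time, client, URL, referer); all hosts are placeholders
# except the genuine Google download host used for contrast.
SAMPLE_LOG = """\
2015-02-05T09:14:02Z 10.0.0.21 http://news.example.org/story.html -
2015-02-05T09:14:03Z 10.0.0.21 http://redirector.example.org/redirect.php http://news.example.org/story.html
2015-02-05T09:14:05Z 10.0.0.21 http://compromised.example.net/files/ChromeSetup.exe http://redirector.example.org/redirect.php
2015-02-05T10:30:40Z 10.0.0.35 https://dl.google.com/chrome/install/ChromeSetup.exe https://www.google.com/chrome/
2015-02-05T10:41:19Z 10.0.0.52 http://dl.google.com.example.net/chrome_update.exe -
2015-02-05T11:02:11Z 10.0.0.40 http://tools.example.com/putty.exe -
"""

def is_trusted(host):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def find_fake_chrome_downloads(log_text):
    """Return one finding per Chrome-named installer fetched from an untrusted host."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # malformed line, ignore
        when, client, url, referer = fields
        target = urlsplit(url)
        filename = target.path.rsplit("/", 1)[-1]
        if not INSTALLER_NAME.search(filename) or is_trusted(target.hostname):
            continue
        findings.append({
            "time": when, "client": client, "host": target.hostname, "file": filename,
            "referer": None if referer == "-" else urlsplit(referer).hostname,
        })
    return findings

if __name__ == "__main__":
    for finding in find_fake_chrome_downloads(SAMPLE_LOG):
        print(finding)
```

The look-alike host `dl.google.com.example.net` is flagged because trust is decided on the registered domain suffix, not on a substring match.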


Victims of older versions of the malware can recover their data without paying the ransom, because those versions do not delete the shadow copies of the files created by the Windows Volume Shadow Service. If the files are not recovered that way, they can still be retrieved with a program called Shadow Explorer; however, not every version has this flaw.

New CTB-Locker is pricier than before:

The latest versions of Critroni extend the grace period for making the bitcoin payment to 96 hours, up from the original 72. However, this comes at a higher cost; in the summer of 2014, the demand was a few more hundred dollars instead of less than 50.

It also includes versions of the ransom message in various languages and, as a sign of good faith, allows the victim to decrypt a total of five items.

The sample caught by Malwarebytes (detected as Trojan.ZBAgent.NS) appears to be the newest release of the ransomware, as the payment request is for 2 bitcoins (currently about $450/€400) with a 96-hour deadline. The victim’s files are encrypted when the waiting period is over, after which the decryption key is also deleted from the server.

Google Chrome is updated automatically in the background, without the user needing to intervene; users should remember this whenever they encounter the scam. When the user relaunches the application, the new version becomes available and the entire process runs smoothly.

Internet Explorer receives its updates via Windows Update while Mozilla Firefox has an automatic update process.

Notifications about a new program version are not delivered by email; the alerts are built into the program. It is therefore wise to verify any available update for the application in question rather than updating from a link received in an email.

Waqas Amir is a UK-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.
