What is CryptoLocker?
CryptoLocker is a Trojan ransomware that supposedly encrypts files on an affected system and demands a ransom for the restoration of the data. It first appeared on the internet in 2013 and was aimed at Windows-based computers.
CryptoLocker spreads via compromised email attachments or via a botnet. Once downloaded and activated, it looks for specific file types to encrypt using RSA public-key cryptography and then sends the private key to some remote servers. It then asks the system owner to pay a ransom to decrypt or restore the affected files; otherwise, the private key will be lost.
While the malware itself isn't difficult to remove, the affected files remain encrypted. At the time of the first outbreak, users without reliable backups had two choices: pay the ransom and hope the backers were honest enough to actually decrypt the affected files, or simply accept their data as lost. However, there are now online tools that can decrypt files that have been encrypted by CryptoLocker.