Cryptolocker has been menacing gullible users, encrypting their files and demanding ransom in lieu of a private decryption key. Users and even law enforcement agencies have been succumbing to the demands and dolling out ransoms as high as 2 BTC to get their data back. However, it seems that fight against Cryptolocker is on as someone has decided to go all-in against the crypto malware by identifying its C&C domains and getting them suspended.
It is known that Cryptolocker is spreading through phishing mails and the infection rate is quite high. There have been reports from multiple antivirus and antimalware companies that they are getting reports of thousands of infections per day.
As phishing mails are involved, it is implied that there has to be some kind of spam campaign running through multiple servers. Further once the infection takes place files are encrypted using one key and decryption is offered through another key implying that there has to be some form of communication between the perpetrators behind Cryptolocker and the infected system.
MalwareMustDie has revealed that they have managed to identify a total of 138 Cryptolocker C&C and have been successful in getting them suspended as well. The complete list of blocked domains can be found here.
