A new piece of ransomware allegedly borrows components borrowed from other successful variants, and informs the victim that they have been encrypted by CryptoLocker.
Named TorrentLocker, it has unique code but the ransom message informs victims that their files have been encrypted by the “CryptoLocker virus,” and the ransom page and the FAQ section look like the one from CryptoWall.
According to Security Week, while TorrentLocker lacks distinguishing features, other file encryptors employ some innovative techniques. For example, the recently discovered CTB-Locker (Critroni) uses Tor to communicate with its C&C server and it relies on an unusual cryptographic scheme to ensure that files can’t be decrypted unless the ransom is paid.