Skip to main content

CryptoLocker Is The Nastiest Malware Ever & Here’s What You Can Do

Ransomware is an especially odious type of malware. The way it works is simple. Your computer will be infected with some malicious software. That software then renders your computer entirely unusable, sometimes purporting to be from local law enforcement and accusing you of committing a computer crime or viewing explicit pictures of children. It then demands monetary payment, either in the form of a ransom or a ‘fine’ before access to your computer is returned.
Horrible, isn’t it? Well, get ready to meet CryptoLocker; the evil patriarch of the Ransomware family.

What Is CryptoLocker

CryptoLocker is a piece of malware targeting computers running the Microsoft Windows operating system. It is typically spread as an email attachment, often purporting to be from a legitimate source (including Intuit and Companies House). Some say it is also being spread through the ZeuS botnet.
Once installed on your computer, it systematically encrypts all documents that are stored on your local computer, as well as ones that are stored on mapped network drives and mounted removable storage.
cryptolocker-example
The encryption used is strong, 2048 bit RSA, with the decryption key for your files being stored on a remote server. The odds of you being able to break this encryption is almost nonexistent. If you want to get your files back, CryptoLocker asks for you to fork over some cash; either two bitcoins (At the time of writing, worth almost USD $380) or $300 in either MonkeyPak or Ukash prepaid cards. If you don’t pay within three days, the decryption key is deleted and you lose access to your files forever.
I spoke to popular security expert and blogger Javvad Malik; this is what he had to say about CryptoLocker.
Ransomware such as CryptoLocker is not something very new – variations of Ransomware have been around for years. When you look at CryptoLocker, it predominantly comes in via phishing emails (from what I’ve seen). The best way to protect against it is for users to be vigilant against clicking on links within emails. Currently, it looks like there’s not much that can be done once infected and I wouldn’t advice anyone to pay the ransom. It goes back to having backups and data management in place.

Mitigating Against It

Reports suggest that some security programs have had a hard time of preventing CryptoLocker from getting its claws onto your system before it’s too late. Fortunately, American security expert Nick Shaw has created a handy piece of software called CryptoPrevent (free) . This applies a number of settings to your installation of Windows that prevents CryptoLocker from ever executing and has been proven to work in Windows XP and Windows 7 environments.
It’s also worth making sure that you check emails to see if they’re suspect before you open up any email attachments. Do they have an email address that matches up with the purported sender? Were you expecting any correspondence from them? Is the spelling and grammar consistent with what you’d expect from the genuine sender? These are all reasons to be suspicious of an email and to think twice about poking in any attachments.

Having Proper Backup

In these circumstances, I’d encourage everyone to make regular backups that are isolated from your computer. Using a networked backup solution will be utterly ineffective, as CryptoLocker has been known to encrypt data stored on these volumes.
cryptolocker-backup
If you use a cloud backup service like Carbonite, you can take comfort in knowing the odds are good that your files are versioned. That means if you back up an encrypted copy of a file you care about, you can revert to an earlier version. An employee of Carbonite posted this advice on Reddit.
I work for Carbonite on the operations team, and I can confirm this for most cases – I will also offer these two pieces of advice:
1) If you are affected by the virus, you should disable or uninstall Carbonite as soon as possible. If you stop backing up the files, it’s more likely that Carbonite will not have overwritten a “last known good” backup set. There is a high risk of some recent data loss (you’re effectively going back in time, so if we have no record of the file existing at a previous time, you won’t get it back) with this method, but it’s far, far better than losing all of your files.
2) When you call customer support, which you should do as soon as possible, specifically mention that you are infected with cryptolocker. It was mentioned in the post above, but I just wanted to put emphasis on it because it’ll get you through the queue faster.
Edit: also, just to state the obvious, make doubly sure the infection is off your machine before you call support, please.

Should You Pay The Ransom?

What if your computer gets compromised? It goes without saying that brute forcing a file encrypted with 2048 bit encryption is almost impossible. Noted computer security firm Sophos has looked at a number of files that have been encrypted by this particular malware and has failed to notice any obvious means in which they can be decrypted without forking over a ransom.
With that in mind, the only way to get your data back is by paying the ransom. However, this poses a major ethical dilemma. By paying the ransom, you make this type of chicanery profitable and therefore perpetuate it. However, if you don’t pay the ransom, you forever lose access to everything you’ve been working on which is stored on your computer.
What further complicates things is that it is impossible to ascertain who would be the recipient of any money paid. It may something so simple as a single person working from his bedroom looking to get rich at the expense at others, or it might be something much more sinister.

Popular posts from this blog

ASUS VivoBook X202E Windows 8 Touchscreen Laptop Review And Giveaway

It wasn’t very long ago when prices of touchscreen Windows 8 laptops soared beyond $1000. Thankfully, those days are behind us, and portable computers can easily be purchased – touchscreen and all – for under $500. That’s precisely the demographic in which the ASUS VivoBook X202E falls. When compared to a high-end laptop, its specifications might seem modest, but for laptop buyers just looking for a way to browse the web, watch videos, use basic apps, and not spend too much money, something in this budget is perfectly suitable. The question is, of course, how does the ASUS VivoBook X202E compare to others on the market, and is it the one which you should be spending your hard-earned money on? Well, you’re just going to have to keep reading to find out. Best of all, we are giving away an ASUS VivoBook X202E to one lucky winner. Keep reading for your chance to take home this Windows 8 touchscreen laptop! Introducing the ASUS VivoBook X202E Laptop The ASUS VivoBook X202...

Samsung Galaxy Note 3 N9000 Review and Giveaway

When it comes to massive phones, nothing is more iconic than the Samsung Galaxy Note. It has gained popularity not only due to its size, but its additional features such as a stylus and a larger battery make it a more useful phone. Samsung released the third generation of the Galaxy Note in October, updating the phablet with a larger screen and improved hardware. Read through our review, then join the giveaway to win the  Samsung Galaxy Note 3 ! Competitors Of course, other Android competitors haven’t let the $640  Galaxy Note 3  be the only player in the phablet market. There are others such as the  Sony Xperia Z Ultra , the Samsung Galaxy Mega , and the other more common phones that are reaching 5″ screens such as the  Samsung Galaxy S4 , the  HTC One , and the  Nexus 5 . Unlike the normal-sized top contenders, the Galaxy Note 3 has a bigger screen and larger battery. It also offers specific features (surrounding the S Pen stylus) th...

Samsung Galaxy S5 Review and Giveaway

Few smartphones are as aggressively marketed as Samsung’s Galaxy S5. The S5 can no longer be considered brand-new — but it  is  Samsung’s flagship, at least for the next few months. With a gorgeous screen, a capable camera, a waterproof build, and a user-replaceable battery, the Galaxy S5 has a lot to offer… at least on paper. Let’s find out how good it really is. What Makes This Review Different There are about a million Galaxy S5 reviews out there. Why should you read this one? Two keys points make our review different: We bought our own device . Unlike many tech blogs, we don’t use a review unit Samsung gave us. We went out to the store and bought one, just like you would. This means everything you read here is truly impartial – we owe Samsung nothing. We used it for more than a month . Some sites rush to be the first to publish a review on a new device. That’s not how we do things. I used the Galaxy S5 as my main (and only) Android phone for nearly two months,...