CryptoLocker Is The Nastiest Malware Ever & Here’s What You Can Do

CryptoLocker Is The Nastiest Malware Ever & Here’s What You Can Do

Ransomware is an especially odious type of malware. The way it works is simple. Your computer will be infected with some malicious software. That software then renders your computer entirely unusable, sometimes purporting to be from local law enforcement and accusing you of committing a computer crime or viewing explicit pictures of children. It then demands monetary payment, either in the form of a ransom or a ‘fine’ before access to your computer is returned.

Horrible, isn’t it? Well, get ready to meet CryptoLocker; the evil patriarch of the Ransomware family.

What Is CryptoLocker

CryptoLocker is a piece of malware targeting computers running the Microsoft Windows operating system. It is typically spread as an email attachment, often purporting to be from a legitimate source (including Intuit and Companies House). Some say it is also being spread through the ZeuS botnet.

Once installed on your computer, it systematically encrypts all documents that are stored on your local computer, as well as ones that are stored on mapped network drives and mounted removable storage.

cryptolocker-example

The encryption used is strong, 2048 bit RSA, with the decryption key for your files being stored on a remote server. The odds of you being able to break this encryption is almost nonexistent. If you want to get your files back, CryptoLocker asks for you to fork over some cash; either two bitcoins (At the time of writing, worth almost USD $380) or $300 in either MonkeyPak or Ukash prepaid cards. If you don’t pay within three days, the decryption key is deleted and you lose access to your files forever.

I spoke to popular security expert and blogger Javvad Malik; this is what he had to say about CryptoLocker.

Ransomware such as CryptoLocker is not something very new – variations of Ransomware have been around for years. When you look at CryptoLocker, it predominantly comes in via phishing emails (from what I’ve seen). The best way to protect against it is for users to be vigilant against clicking on links within emails. Currently, it looks like there’s not much that can be done once infected and I wouldn’t advice anyone to pay the ransom. It goes back to having backups and data management in place.

Mitigating Against It

Reports suggest that some security programs have had a hard time of preventing CryptoLocker from getting its claws onto your system before it’s too late. Fortunately, American security expert Nick Shaw has created a handy piece of software called CryptoPrevent (free) . This applies a number of settings to your installation of Windows that prevents CryptoLocker from ever executing and has been proven to work in Windows XP and Windows 7 environments.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: