
Ransomware – CryptoLocker

by Nicki Dowsett in Uncategorized


In simple terms, this is a version of ransomware based on holding users to ransom for their data. Malware is installed on your system through spam emails and will hijack your data, then hold you to ransom by demanding payment to release the data. Chances are you will never see your money or your data again.

How this works

Using social engineering, CryptoLocker will trick the user. You will be sent a Trojan email containing a Zip file and asked to open it with a password that is included in the email. Once the system attempts to open the files, CryptoLocker takes advantage of Windows' default behaviour by hiding the real malicious file and installing it on your system. It saves itself to a folder in your user profile and adds a registry key to make sure it runs every time your computer is started.
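The start-up entry described above can be checked for. The following is an added example, not part of the original post: it lists start-up entries that launch a program stored inside a user profile. It assumes the per-user `Run` registry key is the start-up location; the function names and sample entries are constructed for illustration.

```python
import ntpath
import re

try:
    import winreg  # standard library, present on Windows only
except ImportError:
    winreg = None

RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"

# Constructed sample entries (value name -> command line), not from a real infection.
SAMPLE_RUN_VALUES = {
    "SecurityHealth": r"%windir%\system32\SecurityHealthSystray.exe",
    "OneDrive": r'"C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background',
    "Kqzrtpwn": r"C:\Users\alice\AppData\Roaming\Kqzrtpwn.exe",
}

def executable_path(command):
    """Extract the program path from a Run-value command line (quoted or not)."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.(?:exe|com|scr|bat|cmd|pif))(?:\s|$)", command, re.I)
    return m.group(1) if m else command.split(" ", 1)[0]

def suspicious_autoruns(run_values, profile_dir, allowlist=()):
    """Return (name, path) for entries that start a program under profile_dir."""
    root = ntpath.normcase(ntpath.normpath(profile_dir)) + "\\"
    allowed = {ntpath.normcase(ntpath.normpath(p)) for p in allowlist}
    hits = []
    for name, command in sorted(run_values.items()):
        path = ntpath.normcase(ntpath.normpath(executable_path(command)))
        if path.startswith(root) and path not in allowed:
            hits.append((name, path))
    return hits

def read_current_user_run_values():
    """Read the live per-user Run key, expanding %VARIABLES% (Windows only)."""
    if winreg is None:
        raise RuntimeError("winreg is only available on Windows")
    values = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUN_KEY) as key:
        for i in range(winreg.QueryInfoKey(key)[1]):
            name, data, _type = winreg.EnumValue(key, i)
            values[name] = winreg.ExpandEnvironmentStrings(str(data))
    return values
```

Legitimate software also starts from the user profile, so treat the result as a list to review and pass known-good paths in `allowlist`.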

Once installed, it generates a random key for each file that it encrypts. The only person with the key is the person who sent the Trojan email, and only they can decrypt your files. Once it has encrypted all your files, it pops up a message on your screen asking for a ransom to obtain the key, with a time limit for you to pay.

Cryptolocker pop up warning


How to ensure you are not affected by this

Essentially, this is down to the individual. The one main rule everyone should follow is ‘Never open an attachment from someone you don’t know’. Following this rule is the first step to avoiding any virus, not just CryptoLocker. The second key rule to follow is ‘Regular and consistent backup of all files’. This means that you will effectively only lose the data that has been created since the last backup, e.g. the night before. The third, and quite possibly one of the most important rules, is ‘Never pay up’. By paying these ransoms you are effectively letting them win. Scams such as these and many others will only continue if people pay up. It becomes a source of a large amount of income and encourages these scammers to come up with new and wonderful ways to scam people. Make sure that your operating system is regularly updated so that any fix or patch from Windows is installed on your system to avoid any infiltration. Operating systems are regularly updated to combat new virus threats as they become known.

Rules:

  1. Never open an attachment from someone you don’t know
  2. Regular and consistent backup of all files
  3. Never pay up
  4. Make sure that your operating system is regularly updated


As time has gone on and operating systems have been patched for these threats, we are now starting to see variations on CryptoLocker, and it is now often seen as CryptoWall. It is essentially the same threat; however, by sticking to the above rules you are more likely to escape this threat.

We have had a number of cases of this being reported to us from companies. If you have any concerns about your current email filtering and virus protection, please contact us as a matter of urgency to discuss your options. It is easier and more cost effective to protect you from a virus threat than it is to fix the problem. If you become a victim of any virus it will not only be costly to fix, you may also lose valuable data and work time.
