This ransomware is particularly nasty: infected users are in danger of losing files forever.
Just last month, antivirus companies discovered a new ransomware known as Cryptolocker.
Spread through infected websites, this ransomware has been targeting companies through phishing attacks.
Cryptolocker will encrypt users’ files using asymmetric encryption, which requires both a public and a private key.
The public key is used to encrypt and verify data, while the private key is used for decryption, each the inverse of the other.
Below is an image from Microsoft depicting the process of asymmetric encryption.
The bad news is that decryption is impossible without the private key, which is stored on the cybercriminals’ server.
Currently, infected users are instructed to pay $300 USD to receive this private key.
Infected users also have a time limit to send the payment. If this time elapses, the private key is destroyed, and your files may be lost forever.
The files targeted are those commonly found on most PCs today. The targeted file extensions include:
3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx
Have you been a victim already?
Cryptolocker attempts to steal sensitive and confidential information from affected users to perpetrate fraud. If you believe that your personal financial information may have been compromised, please refer to the following for additional advice:
Paying the ransom might not make your computer work again.
If you have already paid, you should contact your bank and local authorities. If you paid with a credit card, your bank may be able to block the transaction and return the money.
The following are government-initiated fraud and scam reporting websites for the regions that have recently been targeted by scammers:
- In Australia, go to the SCAMwatch website
- In Canada, go to the Canadian Anti-Fraud Centre
- In France, go to the Agence nationale de la sécurité des systèmes d'information website
- In Germany, go to the Bundesamt für Sicherheit in der Informationstechnik website
- In Ireland, go to the An Garda Síochána website
- In New Zealand, go to the Consumer Affairs Scams website
- In the UK, go to the Action Fraud website
- In the US, go to the On Guard Online website
If your country or region isn't listed here, we encourage you to contact your country's federal police or communications authority.
There is more information about this type of threat on Microsoft's ransomware page.
Run up-to-date security software
Running up-to-date security software is the best way to help protect your computer from malware.
Antivirus companies provide security software that is regularly updated to protect against the latest threats.
Whatever security software you own, make sure you update it regularly. We recommend you update your security software at least once a day.
Get the latest software updates
New malware is written every day. Many of these threats target vulnerabilities in your computer software. Software companies regularly release updates that fix these vulnerabilities.
To help stay protected you should regularly update all your software. This includes programs like Java, Adobe and QuickTime.
You can easily keep all of your Microsoft software up-to-date by turning on Windows automatic updates. Your computer will then automatically download Microsoft security updates when your computer is online.
Understanding how malware works
Malware authors use several common tricks to install their malicious software on your computer. Understanding the most common ways can help you stay protected.
- Email – Malware often arrives on your computer in an email attachment. You should never open an attachment from someone you don’t know or if an email looks suspicious. Instant messages and requests for file transfers can also spread malware.
- Websites – Never open links to webpages that you don’t recognize or that are sent from people you don’t know. Malicious websites can install malware on your computer when you visit them.
- Use caution – If you view a website that doesn’t look quite right, or unexpected things happen when you visit, close your browser, download the latest updates for your security software and run a quick scan on your computer.
- Pirated software – Malware is often bundled together with pirated software. When you install the pirated software you may also install malware.
- Social engineering – Malware authors often try to trick you into doing what they want. This can be clicking or opening a file because it looks legitimate, paying money to unlock your computer or visiting a malicious webpage. These deceptive appeals are known as social engineering.
- Passwords – Attackers may try to guess your Windows account or other passwords. This is why you should always use a password that can’t be guessed easily. A strong password has at least eight characters and includes letters, numbers, and symbols.
The existence of malware such as Cryptolocker reinforces the need to back up your personal files.
However, a local backup may not be enough in some instances, as Cryptolocker may even go after backups located on a network drive connected to an infected PC.
Cloud-based backup solutions are advisable for business professionals and consumers alike. We also recommend an offsite image backup of all vital data.
For more information on choosing your best backup solution, call and discuss your recovery plan.
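An added example (not from the original guide): a Python script that walks a folder for files with the extensions listed above and reports which of them have no copy, or an out-of-date copy, in a backup folder. The function names and the size/modification-time staleness rule are assumptions made for this illustration.

```python
import os
from pathlib import Path

# Extensions copied from the targeted-file list on this page.
TARGETED = set("""3fr accdb ai arw bay cdr cer cr2 crt crw dbf dcr der dng doc docm
docx dwg dxf dxg eps erf indd jpe jpg kdc mdb mdf mef mrw nef nrw odb odm odp ods odt
orf p12 p7b p7c pdd pef pem pfx ppt pptm pptx psd pst ptx r3d raf raw rtf rw2 rwl srf
srw wb2 wpd wps xlk xls xlsb xlsm xlsx""".split())


def at_risk_files(root):
    """Yield paths, relative to root, whose extension is on the targeted list."""
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            if Path(name).suffix.lower().lstrip(".") in TARGETED:
                yield (Path(dirpath) / name).relative_to(root)


def audit_backup(source, backup):
    """Sort each at-risk file under source into missing / stale / ok.

    A backup copy is stale if its size differs or the source is newer."""
    source, backup = Path(source), Path(backup)
    report = {"missing": [], "stale": [], "ok": []}
    for rel in sorted(at_risk_files(source)):
        src, dst = source / rel, backup / rel
        if not dst.is_file():
            state = "missing"
        elif (src.stat().st_size != dst.stat().st_size
              or src.stat().st_mtime > dst.stat().st_mtime):
            state = "stale"
        else:
            state = "ok"
        report[state].append(rel.as_posix())
    return report


if __name__ == "__main__":
    import sys
    if len(sys.argv) == 3:  # SOURCE_DIR BACKUP_DIR
        result = audit_backup(sys.argv[1], sys.argv[2])
        for state in ("missing", "stale"):
            for path in result[state]:
                print(f"{state.upper():8} {path}")
        print(len(result["ok"]), "at-risk files have a current backup copy")
    else:
        print("usage: backup_audit.py SOURCE_DIR BACKUP_DIR")
```

Point the second argument at the offsite or cloud copy rather than at a network drive that stays connected to the PC, since the guide notes that connected drives can be hit as well.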
If you find this guide helpful, please "Like" us on Facebook or follow us on Twitter @SolveMyIT
Unit 2, Addlepool Business Centre, Clyst St George, Exeter, EX3 0NR
01392 87 57 57