Bob can’t believe his ears: Warnings have been issued from the NCA’s Cyber Crime Unit that an insidious attack has been launched, a virus named CryptoLocker is on the loose and targeting users PC’s with an aim of holding data hostage. Once the computer has been taken, these crafty criminals offer you the option to pay a ransom to get your personal data back!
How does CryptoLocker spread?
CryptoLocker is a Trojan horse, a program which appears to be performing a desirable action but is in fact carrying out malicious processes.
CryptoLocker is usually distributed through cleverly disguised emails from your bank or other eCommerce sites. If you click on the attached file (which at first glance appears as a PDF file, but uses the .PDF.EXE double extension trick to hide its sinister executable nature), your computer becomes infected.
These criminals are as always, becoming more advanced by the day and using new techniques to distribute their own brand of mayhem. One recently discovered method is to compromise websites with malicious exploit kits which take advantage of software vulnerabilities and spring CryptoLocker on unsuspecting visitors.
What are the signs?
You will only see the signs once it’s too late, once this little devil is unleashed there is no stopping it. A screen will appear informing you that your PC has been taken hostage and you must pay a large sum to rescue your data.
A 72 hour timer is displayed, which ticks down and explains that if you do not pay the ransom demand, your files will be permanently inaccessible and impossible to ever decrypt.
Of course, you perform regular backups on your PC, so this won’t be a problem… right?
Well, shame on you! If you don’t then you should let this whole terrible ordeal be a lesson to you. How many precious memories are stored within photos on your PC? How would you feel if you couldn’t retrieve them?
Should I hand over the cash?
Payment methods include MoneyPak and Bitcoins, the majority of us haven’t even heard of these services. Bob would never advise paying criminals, the fact is once they know you’re willing to pay, they’re going to make more and more requests, just like an Advance Fee Fraud. Just dust yourself down and move on.
My antivirus will remove CryptoLocker and restore my files… Surely?
Do you think these hostage taking cyber criminals haven’t thought about your Antivirus? Cryptolocker has already encrypted your files. Once your antivirus stops CryptoLocker you will see a new message, one that offers to take you to a webpage to download the virus again with the promise that they will decrypt your files for a cash sum.
I want to protect myself!
Bob’s Crypto Busting Method is threefold…
- Firstly, protect your computer from becoming infected by keeping it up-to-date with anti-virus. Ensure you are being especially cautious of opening unsolicited email attachments or clicking on unknown links.
- Secondly, for business, consider setting a software restriction policy on your Windows PCs that prevents executables from running from certain locations on your hard drive.
- Finally, if you take one message from Bob today make it this…
Make backups of your important data! Store them in a secure location external to your PC (to prevent malware like CryptoLocker from encrypting your backups as well) So should the worst happen, you should be able to restore your valuable data and leave the crooks empty handed!
For you lucky ones who are working from a MAC.. You are safe for now.