CryptoLocker is an especially insidious form of Ransomeware malware that was first detected in
the wild in September 2013, restricts access to infected computers and requires
victims to pay a ransom in order to regain full access.
What makes CryptoLocker so bad is
the way it encrypts the user data on your hard drive using a strong encryption method. This makes it literally
impossible to access your own data without paying the ransom amount to the
criminals between $100 and $300 or two Bitcoins,
even now more.
Once affected you will be locked out
of your computer and unless you pay the ransom amount in 72 hours , the virus
will delete the decryption key to decrypt all the files on your PC .
The malware lands on PCs the same
way other malware does and a few sensible precautions will help minimize the
chances of a CrytoLocker attack.
Yesterday, it was reported that - UK's National Crime Agency has given out an
urgent national alert that a mass spamming event targeting
10 million UK based email users with CryptoLocker.
What if your computer gets
compromised? Currently there is no option to
decrypt the files without the decryption key and brute forcing a file encrypted
with 2048 bit encryption is almost impossible. If you don’t pay the ransom, you
forever lose access to everything you’ve been working on which is stored on
your computer.
A few things you can do to prevent
your PC from getting infected with the CryptoLocker virus:
- Most viruses are introduced by
opening infected attachments or clicking on links to malware usually
contained in spam emails. Avoid opening emails and attachments from
unknown sources, especially zip or rar archive files.
- Most people have some anti-virus program, but how do you know it’s
effective? Ensure you have best one active and up-to-date.
- Also keep your operating system
and software up-to-date.
- Keep a backup. If you have a
real-time backup software then make sure that you first clean the computer
and then restore the unencrypted version of the files.
- Create files in the Cloud and
upload photos to online accounts like Flickr or Picasa.
- Windows 7 users should set up
the System Restore points or, if you are using Windows 8, configure it to
keep the file history.
- Make sure you have reformatted
your hard drive to completely remove the CryptoLocker trojan before you
attempt to re-install Windows and/or restore your files from a backup.
There are many free tools now
available in the community, that can help users to protect their systems from
this malware.
1.) CryptoPrevent tool, created by American security expert Nick Shaw.
This tool applies a number of
settings to your installation of Windows that prevents CryptoLocker from ever
executing and has been proven to work in Windows XP and Windows 7 environments.
2.) HitmanPro.Alert 2.5, a free utility that will help you to protect your computer
against the CryptoLocker ransomware malware.
HitmanPro.Alert 2.5 contains a new feature, called CryptoGuard that
monitors your file system for suspicious operations. When suspicious behavior
is detected, the malicious code is neutralized and your files remain safe from
harm.
3.) BitDefender Anti-CryptoBlocker, an encryption-blocking
tool that can detect and block malware from installation.
Intrusion prevention systems can block the communications protocol send from the
Cryptolocker infected system to the remote command-and-control server where the
malware retrieves the key to encrypt the files. Blocking the communications can
prevent the encryption from taking place.
