Cryptolocker Ransomeware – The Latest Bad Boy In Town

Virus mongers are getting more sophisticated and more dangerous every day. This latest addition is so sophisticated that once you are hit, you ate done. You either pay up or you lose your vital documents. The targets were initially corporate organizations but of recent intividuals are now being infected. 

image

The above appears on your PC once infected and when you see this, you are toasted.

As at now the numbers of infected computers worldwide is put at about half a million and the figure is rising. Mostly in the US and the UK but it has appeared in other parts of the world.

Once infected,  the perpetrators ask you to send a sum of money to obtain the key to unlock your data with a warning that after a time lapse, your vital data would be lost forever. Should you try to tamper with the encryption, you also lose your data. Reports say that those who elect to pay usually get the private keys to decrypt their data but as this is a Ransome scam, nothing is certain. Payments may actually encourage the evil doers to go for more PCs also encourage wanabes. 

Infection Distribution from those who reported

image

Mode of infection

“The first versions of Crytpolocker appear to have been posted to the net on 5 September.

Early examples were spread via spam emails that asked the user to click on a Zip-archived extension identified as being a customer complaint about the recipient’s organisation.

Later it was distributed via malware attached to emails claiming there had been a problem clearing a cheque. Clicking the associated link downloaded a Trojan horse called Gameover Zeus, which in turn installed Cryptolocker onto the victim’s PC.”

Suggested Safety Measures

Dell suggested PCs be blocked from communicating with the hundreds of domains names it had flagged as being linked to the spread of Cryptolocker, and it suggested five further steps the public and businesses could take to protect themselves:

Install software that blocks executable fields and compressed archives before they reach email inboxes

Check permissions assigned to shared network drives to limit the number of people who can make modifications

Regularly back-up data to offline storage such as Blu-ray and DVD-Rom disks. Network-attached drives and cloud storage does not count as Cryptolocker can access and encrypt files stored there

Set each PC’s software management tools to prevent Cryptolocker and other suspect programs from accessing certain critical directories

Set the computer’s Group Policy Objects to restrict registry keys – databases containing settings – used by Cryptolocker so that the malware is unable to begin the encryption process

Well guys, this boils down to what we have been saying as regards our web surfing habits and how we deal with suspicious emails and attachments.

Culled from:
BBC.COM  http://www.bbc.co.uk/news/technology-25506020

Further reading on this topic:
http://www.bbc.co.uk/news/technology-25363270
http://www.bbc.co.uk/news/technology-24964426

Let’s have your experiences and your comments below.

Leave a Reply

Your email address will not be published. Required fields are marked *