Researchers have come across a new ransomware variant which they’ve dubbed CryptoLocker: Win32/Crilock. This piece of ransomware is designed to encrypt files on the infected device and keep them that way until a ransom is paid by the victim.
Interestingly enough, this ransomware is known to give you the key to unlock your files if you pay the fee within the given time!
How nice of them!
The files affected by CryptoLocker are not typically important to home users; the malware is targeted more at businesses, where the sensitivity and importance of the files would be expected to be much higher, naturally increasing the attackers' chance of getting paid. Files with extensions such as odt, doc, docx, xls, xlsx, ppt, pptx, mdb, accdb, and many more are affected.
The nasty ware is typically distributed via emails informing recipients of customer complaints. A user gets infected by opening the file that is attached to the email.
Once it infects a computer, CryptoLocker creates a registry entry that starts the malware when the system boots, and establishes communications with its command and control server.
The malware communicates with its server using traffic that is encrypted with RSA.
This not only allows the attacker to differentiate the actual communication between the malware and its server, but makes sure the malware is talking to the attacker’s server and not a blackhole controlled by malware researchers.
CryptoLocker then looks for files on the affected system and encrypts them. Unfortunately, it’s impossible to decrypt the files without the AES key.
Users are advised not to pay for this scam. Paying feeds the criminals: when they see success, they continue. Should you be infected, we suggest you take your computer in to your local tech and have the malicious software removed. As we have mentioned in the past regarding the importance of backups, this is where one definitely would come in handy! Once your system is clean, you can simply restore your files from your backup.
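The backup advice above only helps if the documents at risk are actually in the backup. As an added example (not part of the original post), this Python script checks that every file with one of the extensions listed earlier has an identical copy in a backup folder; the mirrored folder layout and the function names are assumptions.

```python
# Added example (not from the original post): audit backup coverage for the
# document types this post lists as CryptoLocker targets.
import hashlib
import os

# Extensions named in the post; the post says "many more" are affected,
# so extend this set for your environment.
TARGET_EXTENSIONS = {".odt", ".doc", ".docx", ".xls", ".xlsx",
                     ".ppt", ".pptx", ".mdb", ".accdb"}


def sha256_of(path):
    """Hash a file in chunks so large databases do not exhaust memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit_backup(source_root, backup_root):
    """Return (missing, stale) lists of relative paths under source_root.

    missing: an at-risk file has no copy in the backup tree.
    stale:   a copy exists but its content differs from the live file.
    Assumes the backup mirrors the source directory layout.
    """
    missing, stale = [], []
    for folder, _dirs, files in os.walk(source_root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in TARGET_EXTENSIONS:
                continue
            live = os.path.join(folder, name)
            rel = os.path.relpath(live, source_root)
            copy = os.path.join(backup_root, rel)
            if not os.path.isfile(copy):
                missing.append(rel)
            elif sha256_of(live) != sha256_of(copy):
                stale.append(rel)
    return sorted(missing), sorted(stale)


if __name__ == "__main__":
    import sys
    missing, stale = audit_backup(sys.argv[1], sys.argv[2])
    for rel in missing:
        print("NO BACKUP  ", rel)
    for rel in stale:
        print("OUT OF DATE", rel)
```

A file reported as out of date differs from its backup copy; confirm it still opens before refreshing the backup, so that an encrypted file never overwrites a good copy.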
We are at a time where security software alone is not enough. Although many users say they don't want to know about the stuff and just want "it" to work, some basic education is now essential for everyone, especially professionals handling sensitive data (medical offices, for example). This can save a lot of time and money. To sum things up, simply put: YOU are the best security. Antivirus / antimalware software is just your assistant.
If you find this information useful, please share.
The Microdyne Team.