Malware Alert: CryptoLocker

3coast wanted to make you aware of a new, extremely destructive malware infection that is currently causing chaos in the cyber world. It’s called CryptoLocker.

What is CryptoLocker?

CryptoLocker is a form of ransomware, a class of malware that restricts access to the computer system that it infects. In turn, it demands a ransom to be paid to the creator in order for the restriction to be removed.  In the first quarter of this year, McAfee has collected over 250,000 unique samples of ransomware.

How does it work?

The attack will encrypt certain files and when finished, will display a CryptoLocker payment program to prompt the user to pay (MoneyPak vouchers or Bitcoins) in order to

CryptoLocker payment program screencap.

CryptoLocker payment program screencap.

decrypt the files. A time limit is given and if not met, the creator of the virus can destroy the key to access your files, leaving them permanently unattainable. Also, if you have any mapped drives, those will be encrypted as well and cause quite a mess.

How do I prevent getting it?

Don’t open emails or attachments from unknown sources. If you receive an email from someone you know and it looks suspicious, it’s probably best not to open any attachments. Contact the person and ask them if they sent the email.

Sometimes, you may be prompted to update certain software (Java for example) while browsing the web. These updates can be cleverly disguised malware attacks. It’s best to go to the software or program and update it from there.

Back up. Back up. Back up.

One of the most critical steps you should take to avoid losing important data is to back up your files. Even if you pay the ransom after being infected, it doesn’t guarantee you won’t get hit again. Back up your files to truly protect yourself.

Leave a Reply

Your email address will not be published. Required fields are marked *