-
Posts
-
How would you feel if you lost all your files? Every pic, music track, document, video – forever?
If you’ve never heard of CryptoLocker, count your blessings – and then act fast!
CryptoLocker is a particularly nasty virus that’s doing the rounds at the moment. It encrypts your files (pics, docs, music, vids etc) using military-grade encryption – and then offers you the chance to purchase a decryption key for around £250. Without the key, it’s virtually impossible to decrypt your files. You have 72 hours to pay the ransom. Once the 72 hours has elapsed, there’s still a chance you can purchase a decryption key – but at around 5 times the original amount.
If you ‘interfere’ with the virus (e.g. remove it), the damage has already been done – i.e. your files are still encrypted.. and as a ‘punishment’ , the 72-hour countdown clock is immediately run down to 0. If you still want the decryption key at this point, it’ll cost you over £1200.
The encryption is not limited to internal drives. Files on external drives, NASs, USB drives etc are all on CryptoLocker’s hit list.
The virus is most often spread via email attachment (though it can also be spread via pretty much any other way of file/data delivery). Emails will usually appear to be customer service related, with an attached ‘pdf form’ that they require you to complete (most common seems to be ‘undelivered parcel’ emails supposedly from UPS / DHL / FedEx etc). The attached ‘pdf’ is not a pdf file at all, but an executable program which delivers the virus.
Whilst backups would obviously help in a case such as this, It’s important to understand that these files will likely have been encrypted if they haven’t been isolated from the infected PC. There’s also a built-in utility (which I won’t mention here) within some versions of Windows which can sometimes help, but on the nine infected computers I’ve worked on, this functionality helped with just two (and only partially on those). Even the most successful of those cases resulted in the loss of 281 files.
Whilst some antivirus/anti-malware/ security suites are capable of identifying the threat and stopping the virus, many more are not (all the nine machines I worked on had at least some kind of security installed).
I’m urging all my customers.. and anyone else who will listen.. to take the following action asap:
A company called SurfRight offers a free program called “HitmanPro.Alert”. The BETA version of this program includes “CryptoGuard” – which is designed to stop CryptoLocker and other similar threats in their tracks. It does not remove the virus, it simply stops the encryption taking place (i.e. it keeps your files safe) and displays an on-screen warning should it detect any issues.
If you get to that point, you’re given the option to download and run another SurfRight program, HitmanPro – which is not free. Luckily, you don’t have to do that – just download Malwarebytes Anti-Malware (free) and run a full scan. That will remove the virus.
There ya go. Oh yeah, I haven’t put links in – cos ya shouldn’t be clicking on random links should you!
I’ll go to heaven I will.
Not just yet though I hope.
:)
Thanks for the information, Mallycat.
I had already heard of this and other forms of ‘ransomware’ but wasn’t aware of that programs currently existed to counter this particular threat.
i’ve been reading about ‘ransomware’ too……….although i don’t understand a lot of the information available it’s clear to see that virus’s/nasty bugs are going into another league
a computer can lose important files in any number of ways..the viruses such at these are always well ahead of the counter-viruses. No sooner is a new protection worked out than the crooks have developed new viruses..the crooks are well ahead of the game.
Unfortunately, we’re just at the start of nasty people playing games with our lives through cybercrime. When it gets to the really serious criminals – the intelligence agencies and the military of other countries and our own, then really worry. They can paralyse a country’s life, literally, though again we’re only in primary school days.
For now, I try to copy important files onto memory sticks, etc. Not as a counter to the crims, but just because a computer can go wrong. An old (now deceased) friend of mine lost a book he was writing halfway through writing it – he was shell-shocked.
I’d never heard of ‘ransomware’ so thanks.
Most files, and music I can do without, but it’s the 10 years worth of photo’s that I have stored that can never be replaced. These are memories and very precious.
Fortunately I have these backed up on another computer and a memory stick.
Cyber crime is a worry, everything these days is internet-based. Even at work a network problem brings me to a complete halt. And there is a lot to be said for keeping banking details off the internet. But in this day and age how realistic is that?Well I for one have downloaded this, so thanks Mr Cat :D
You”re all welcome, but please.. don’t thank me.. just send me money :D Apart from you Daisy, I’ve arranged special payment terms for you! :P
The most important thing to bear in mind is -if you have access to a file, then in most cases, so does the virus. As far as I’m aware, at the moment, CrytoLocker only accesses things that have been assigned a drive letter (c: D: etc.) but doesn’t follow UNC paths (e.g. \serversharefile_path) – though it’s only a matter of time before it does.
If you insert a USB stick into an infected computer, those files will be encrypted too (unless the stick is write-protected). The same is true of external drives. Similarly, if you have several computers on the same local network, then the files on all of the computers are (or very soon will be) at risk.
I seem to have spent half my life trying to get family, friends and customers to properly back up their data. The golden rule has always been “if your file doesn’t exist in at least two completely separate places, then it ain’t backed up”. ‘Completely separate places‘ is the bit many people have trouble with. So many times I hear “Oh I backup my files to my E: drive” – only to find that their E: drive is just a partition on the same disk as their C: drive. Though strictly speaking, that could be considered a backup, it’s not a very safe one because a disk failure will take out both the original and backup files.
These days, it’s easier than ever to backup with the various free cloud storage options available (Wuala, Dropbox. SkyDrive, GoogleDrive etc), but it still only seems to be something most people think about when it’s too late (after a disk failure/virus infection etc).
Btw, if you’ve been put off using cloud storage because you’re worried about your data being ‘out there’ – there’s a simple solution – pre-encryption. Your files are encrypted before they’re copied to online storage. If hackers gain access to the remote servers, your files are safe as the decryption key is known only to you. ‘BoxCryptor’ is a good example of pre-encryption software – it’s free for private use and is very easy to set up and use.
I’m gonna shhh now, cos mi fingers have worn away.
Disassembles bits and pieces from obsolete old computers, like the vic 20, zx81 and Amstrad PCW2000, fashions a funny looking altar with the old motherboards, genuflects in praise to Omalley the cybergeek god.
Good work, bud.
@desmondy wrote:
I’d never heard of ‘ransomware’ so thanks.
Most files, and music I can do without, but it’s the 10 years worth of photo’s that I have stored that can never be replaced. These are memories and very precious.
Fortunately I have these backed up on another computer and a memory stick.
Cyber crime is a worry, everything these days is internet-based. Even at work a network problem brings me to a complete halt. And there is a lot to be said for keeping banking details off the internet. But in this day and age how realistic is that?go buy yourself lots of discs and sticks
Wonders how long this payment plan is! :P
Get involved in this discussion! Log in or register now to have your say!