By Manish Singh
There is a new computer virus in town, and it is here to cripple all your data. The virus, called “CryptoLocker”, is not strictly new, but it has been very active lately. If you are under the impression that buying a trustworthy paid anti-virus is enough to keep your computer safe, you are sadly mistaken. At the time of writing, no cure for this malware had been found.
CryptoLocker is Ransomware, Not Just Malware
CryptoLocker is ransomware: when it enters a system running Windows, it encrypts all the data it can find. It holds the files hostage and asks for anything between $100 and $300, or 2 Bitcoins (estimated value, $380), a currency which is very anonymous too. If the payment isn’t made within the stated time, your files will stay useless, and there is no hope left of getting them back.
Ransomware is not a new thing in the computer world, but the kinds we have seen until now only froze our computers or asked for some money, and in almost all cases they were easy to break and escape from.
Many security suites, including Sophos and Bitdefender, are now able to detect this malware and even remove it, but that isn’t really the point. Once your computer is infected and the 72-hour countdown has started ticking, it is almost impossible to undo the changes and decrypt the data.
We suggest that you download and install the Virus Removal Tool from Sophos.
Interestingly, since CryptoLocker is ransomware and not a typical computer virus, it doesn’t move or delete your files. Even if you’re infected, all your files will still be there on your computer; you just won’t be able to access them. Once it is in your system, it looks for files all over your computer, including those on connected storage devices.
Infected with CryptoLocker already?
You can, in fact, make backup copies of the encrypted files and maybe wait for someone to find a fix. Ironically, if the backup storage devices were also attached to the system at the time of infection, the files on them will get the same treatment.
So far the attackers haven’t been traced, but the predominant source of these attacks is phishing. Phishing, as you know, is a fraudulent practice in which you receive malicious emails that appear to come from a legitimate source. This wins your trust and makes you click on the links inside them. Those links can then grab important information from your computer, or fool you into entering your bank credentials.
There has been some development in the story: apparently, the minds behind this attack have launched a few websites that sell the decryption keys. This, it seems, is the “second chance” you get to save your data. But it comes at a price as well. Instead of 2 Bitcoins, you will now be paying 10.
These attackers are somewhat morally driven. We haven’t spotted a case where they took the money and ran once the stated amount had been paid. So should you pay for it? Well, first of all, that would be a crime. The best course of action would be to file a police complaint, though doing this might not save your files.
The CryptoLocker ransomware has arrived in India as well. Sanjay Katkar, CTO of anti-virus maker Quick Heal, says, “Since the last couple of weeks we have been seeing 500+ incidents per day of this malware. The incidents are being reported from all over India. It is essential that everyone connected to the Internet is aware of such a damaging malware. In these cases, prevention is always better than cure.”
Safeguard from CryptoLocker
1) Don’t click on suspicious emails.
2) Do not visit any shady or illegal website.
3) Take a backup of all your important data, and unplug the backup device when it is not in use. It is highly suggested that you keep a copy in the cloud as well.
4) If possible, change your DNS settings and sign up with security firms like OpenDNS. (It is free, and it blocks all the bogus websites.)
5) Keep your anti-virus suite up to date.
CryptoLocker is probably the first virus of its kind. Considering the success it has had, security analysts all over the world are now anticipating copycats. We may soon spot similar malware on other platforms as well. And that is a very scary thing.