Beware of CryptoLocker Malware!

November 25, 2013

CryptoLocker MalwareIf all of your data files were suddenly unavailable, how much would you pay to get them back? Remember the story I told of A Failed Hard Drive and Importance of Backup a few months ago? That user gladly paid $3000 in hopes that a service could recover their data from a failed hard drive.

Criminals know your data is valuable to you and they are doing their best to hold it hostage until you pay them. If you pay within 72 hours, the cost may only be $300. After that deadline, the cost is somewhere around $3500. Of course that’s if the criminals are “honest” enough to release your data after they have been paid. What am I talking about? The CryptoLocker malware!

Are you vulnerable?

Yes, all Windows users are vulnerable! Will your security software protect you? It might. Obviously I encourage you to make sure you have downloaded and installed the latest updates for whatever you are using to protect your system. If you are unsure of your current solution, my choice is ZoneAlarm Security Suite. The key to avoiding CryptoLocker is being extra careful about the file attachments you open and the Web sites you visit.

How do I know the bad attachments?

The key here is the criminals want to give you something that looks as legitimate as possible so that you will open the attachment and infect your system. I told you recently in Upgrade Your Phone Service and Save Money With RingCentral that we had switched our office phones to the RingCentral VOIP Service. So when I got an e-mail a few days ago telling me that a fax from RingCentral was attached, I gave the e-mail a look. I didn’t remember the fax e-mails coming to my address before so it was odd. On closer inspection, this one was even more suspicious since it has a zip file attached instead of a PDF. Digging into the header of the e-mail showed it didn’t even come from RingCentral and I immediately deleted the entire e-mail without opening the attachment.

You may receive similar e-mails from services or companies that may truly be providing a service to you. Of course an e-mail from RingCentral wouldn’t make sense if you weren’t their customer and I also receive many from well-known companies with whom I have no business relationship. The key is to look carefully at any e-mail with an attachment and make extra sure it is legitimate before you open the attachment. If it passes your eye test and you are still leery, contact the sender and ask if they indeed sent you the attachment. In this case, better safe than sorry!

Tip: One thing that can help you identify bad attachments is to make sure you Display File Extensions in Windows Explorer and Dialog Boxes. The criminals love that Windows hides file extensions by default and use that knowledge to trick you into thinking the file is legit.

What will CryptoLocker do?

Once you have accidentally installed it by opening an infected attachment, it will search your hard drive and it will start encrypting files on both local and network drives. This is no ordinary encryption, it uses a 2048-bit RSA key (so strong even the NSA, CIA and FBI won’t be able to read your data). When your data is encrypted, you’ll get a message asking you to pay a ransom to receive the decryption key. If you don’t pay (supposedly around $300) within 72 hours, your key will supposedly be destroyed and your data will remain encrypted (and not accessible) forever. Just recently the criminals set up a site that allows you to upload an encrypted file and pay even more (supposedly around $3500) to have the system identify the key that will unlock your file.

Logic says you shouldn’t pay the criminals as it will only help them continue their evil operation. But if you don’t pay, your data is lost forever. Even if you pay, there is no guarantee the criminals will give you the key to unlock your data. So the best thing you can do is avoid getting CryptoLocker!

How do I get rid of it?

Most good security software should be able to remove CryptoLocker. OK, that will prevent it from doing any more damage. Yet it will do nothing to recover files that have been encrypted. Again, this is malware that you need to completely avoid!

Even users who are extremely cautious may get bitten by this one. The key is to be extremely cautious as that will make the chances of being infected very slim. In short, make sure you have quality security software that is constantly being updated and be skeptical about any e-mail that has an attachment, especially if it looks even remotely fishy.

You May Also Like…

Keyboard Cleaning Gel

Use Cleaning Gel on Keyboards, Laptops and More

Keyboards can be pretty disgusting. Apart from looking bad and being covered with germs, some of that dirt can prevent them from working well. A few years ago I took a very drastic step to get a keyboard clean. If you don't remember it, check...

Read More

Blog Makeover

Blog Posts Receive Makeover

Since we migrated the Graphics Unleashed Blog to a dedicated site in 2015, the layout of the posts was mostly the same. We did make a few minor changes every now and then, but it didn't change the overall layout much. Now we've made a major...

Read More

You Shipped It Where? What Were You Thinking?

Loyal readers know that I recently moved. Part of that move was selling the home where I had resided the previous 22 years. While I've provided a new address to more than 100 places, I'm sure there are some I've missed. Today I have a story...

Read More

Foster D. Coburn III

Foster D. Coburn III

Foster D. Coburn III is author of 13 best-selling books on CorelDRAW and has been a contributor to numerous technology and graphics-related magazines. Foster has taken many projects, including this Web site, from the early design stage through to a finished piece. He has been a featured speaker at many graphics conferences. His first Web site was built in 1995 and he has been working exclusively in WordPress since 2013.

Recent Posts

Pro WordPress Help

WordPress Web design

Graphics Unleashed Donations

Personal Info

Donation Total: $5

Get Free Fonts!

Subscribe to receive the latest blog posts from Graphics Unleashed. As a thank you, we'll give you 101 FREE fonts! Download immediately after subscribing.

You have Successfully Subscribed!

Send this to a friend