Just in time for the holidays the unidentified genius evil hackers have created the most damaging Trojan horse malware/ransomware to date. This is bad news for the computers and their owners who get infected with CryptoLocker. Where viruses typically are dangerous because they can damage the computer and/or steal your information, CryptoLocker takes this to a whole new level. Targeting online shoppers, the design is simple. You get an email that looks legitimate say from a FedEx, UPS, USPS or any other lookalike that has a zip file attachment in it. Inside the zipped file, like an unsuspecting nightmare, hides a double-extension file such as .pdf.exe. This is not a PDF document but an executable that if clicked on, will allow CryptoLocker to run on your computer.
Now you might be asking what damage does this thing do? Once installed on your computer, CryptoLocker encrypts files on your computer’s local and mounted network drives by using RSA public-key cryptography while the private key is actually stored on the servers controlled by the malware. In other words, once the file is encrypted, you cannot access it. It is like putting all of your important stuff into a safe that is impossible to open without a key and then hiding the key so you can’t access the contents. In order to get the files decrypted and accessible again, CryptoLocker displays a “ransom” payment message with a strict deadline. If you pay with Bitcoin or a prepaid voucher within the deadline, your files get decrypted. On the other hand, if the payment is not made within the deadline, the price for decryption increases or your files stay forever encrypted. The encryption is so complex that experts say that it is close to impossible to break, so if you do not have a proper backup, the files are non-recoverable. It is discouraged to pay the ransom because it encourages the attackers to continue to do harm.
Here is what you can do to avoid this from happening to you and your business. Prevent the infection in the first place by not opening any emails and attachments if you are not sure where they came from or if they look suspicious. FedEx or UPS is not going to ask you to download a zip file, so if something appears strange, it probably is. If you do accidentally click on something, make sure to pay attention to the file and do not open a double-extension file (such as recipt.pdf.exe). As always, having updated antivirus software is extremely important. And last but not least, backup, backup, backup! The more backups you have, the better off you will be. If you suspect an infection, immediately turn off your computer. Notify us at TechFarmer so we can start to eradicate the virus. This is definitely not the first virus and it will not be the last but as technology evolves, so will the threats. Please feel free to contact us with any questions that you may have in regards to IT support or internet safety and security.
