virus

There’s a new virus out there that I want to raise awareness of, it’s called CryptoLocker. I normally don’t post warnings or alerts about virus, but this is probably one of the more insidious viruses I’ve ever seen.

You can read additional information about CryptoLocker at:

• The Guardian: CryptoLocker attacks that hold your computer to ransom
• Malwarebytes: Cryptolocker Ransomware: What You Need To Know
• Emsisoft: CryptoLocker – a new ransomware variant
• TrendLabs: Threat Refinement Ensues with CryptoLocker, SHOTODOR Backdoor
• Ars Technica: You’re infected–if you want to see your data again, pay us $300 in Bitcoins

Basically what this virus does is locates all your important files on any drive attached to your computer (hard drives, flash drives, USB sticks, network drives/shares) then encrypts the files it finds.

The only way to unlock the files again is to pay $300 to get the key used for the encryption. The encryption method used is RSA with a 2048 bit key, which makes it extremely hard to crack — impossible with the time span and todays computers.

Once infected, you will be presented with a ransom note stating you have 72 hours before the perpetrators destroy the key making it impossible for you to ever get your data back.

Let me put that another way: If you are infected, you will have to pay $300 if you want your data back. There is no way around it and most cases I’ve read about report that once the ransom was paid, the files were successfully recovered.

Nevertheless, this can be extremely devastating if you are running a business and all your files are gone; or if all your family pictures disappear.

If you sync your files to the cloud, you’re still not safe, it syncs the encrypted files as well. If you are able to restore to previous versions of your files in the cloud, you could be okay.

Also, if your backup files are accessible directly they could also be held ransom as well.

Let your friends, family and co-workers know about this.

Here are some simple ways to avoid getting a virus in general:

1. Don’t open e-mails from people you don’t know
2. Don’t open attachments in e-mails unless you were waiting for the attachment
3. Don’t go to websites/click links that you don’t fully trust
4. Don’t download and execute files that you don’t fully trust

It might seem obvious to the most of us to don’t do the above, but to a lot of friends, family and co-workers it might not be.

Imagine waking up and having to pay $300 to get your data back. However, the police tracked down one of the servers that serves the keys and shut them down which means the keys were not delivered and the data was lost, this means even if you do pay the $300, there is no guarantee that you will get the data back.

Raise awareness of this and avoid having your files lost.