Cryptolocker Ransomware Malware Virus Attacking Computers Worldwide


(Newswire.net — November 4, 2013) Chicago, Illinois — Cryptolocker is a particularly malicious form of malware. It propagates through email as an attachment. It can even propagate within companies if employees are not diligent about their email.

 

Cryptolocker can destroy your access to your documents.

 

Cryptolocker is a trojan. The zip file attached to the email contains an executable file disguised as a PDF file. When it is opened, the virus installs itself in Windows Documents and Settings. It then encrypts the user’s documents across the local and mapped network hard drives. The owner then receives a ransom demand that monies, usually $100 to $300 USD or Euros, be paid.

 

The ransom monies are to be paid within 72 to 100 hours.

 

Payment is made through an anonymous pre-paid cash voucher. The computer owner is told that if they do not pay, the key for the encrypted files will be destroyed and there will be no way to retrieve the files.

 

It comes in what appears to be legitimate emails.

 

Cryptolocker takes advantage of a Windows default behavior of not showing file extensions. It may come in on an email that appears to be from a legitimate company. The attachment may open a file that is not Cryptolocker itself but another trojan that installs Cryptolocker.
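
An added example, not part of the original release: a Python check that a mail gateway or help desk could run on a zip attachment to flag the disguise described above, an executable hidden behind a document extension. The extension lists, function names and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Extensions Windows runs directly (common subset, an assumption of this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
# Extensions a recipient expects to be a harmless document.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}


def inspect_zip(data: bytes) -> list[tuple[str, str]]:
    """Return (entry name, reason) for each suspicious entry in a zip attachment."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            base = info.filename.replace("\\", "/").rsplit("/", 1)[-1]
            # Every dot-separated suffix, stripped so "a.pdf   .exe" padding is caught.
            exts = ["." + p.strip() for p in base.lower().split(".")[1:]]
            last = exts[-1] if exts else ""
            magic = b""
            if not info.flag_bits & 0x1:  # skip content read for encrypted entries
                with zf.open(info) as fh:
                    magic = fh.read(2)
            if last in EXECUTABLE_EXTS and any(e in DECOY_EXTS for e in exts[:-1]):
                findings.append((info.filename, "executable behind document extension"))
            elif last in EXECUTABLE_EXTS:
                findings.append((info.filename, "executable in archive"))
            elif magic == b"MZ":  # Windows PE/DOS header under a non-executable name
                findings.append((info.filename, "PE header under document name"))
    return findings


def build_sample() -> bytes:
    """Constructed archive: a benign PDF and two disguised 4-byte stubs (not real programs)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes.pdf", b"%PDF-1.4\n")
        zf.writestr("Invoice_2013.pdf.exe", b"MZ\x90\x00")
        zf.writestr("scan.pdf", b"MZ\x90\x00")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in inspect_zip(build_sample()):
        print(f"{name}: {reason}")
```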

 

When it first loads, it installs with a random name. It adds a key to the registry that causes it to load on startup. The program contacts a server that is very hard to locate because the connection goes through a proxy or multiple proxies, and then through different countries. The program uses a key that is generated by the server and sent to the infected computer. The type of key used makes it very difficult, if not impossible, to decrypt the files by means other than paying the ransom.

 

Best practices and precautions to take before you find your computer is infected.

 

  –   Do not open any type of email attachment without certainty of the source

  –   Do not open an email that appears to be from UPS, FedEx, Xerox, a bank or other company without great caution

  –   Do not open a file that appears to be a PDF unless you are certain of the source and have verified it

  –   Do keep a current backup and/or shadow copy of your files

  –   Do be on the lookout for phishing or offer type emails as these are commonly used by Cryptolocker

  –   Do not rely on your antivirus or other programs to protect you as they do not detect it until after the virus has loaded

  –   Do not simply agree to upgrades to programs as those can be botnets

  –   Do not install programs you cannot identify as they may be botnets

  –   Botnets are programs installed to look like other programs and then at some command or upgrade infect your computer

  –   Be sure your Windows and other systems are current and patched

  –   Be sure your antivirus is current to protect from threats that might add malware which then adds Cryptolocker

 

If you find your computer is infected.

 

  –   Immediately disconnect from the internet as that stops the encryption

  –   Stop and check on the latest cryptolocker information and strategy

  –   Determine if you have a backup for the files and can restore your files

  –   Do not try to handle this yourself as this is a sophisticated, nasty virus

 

In this case prevention really is the best policy. 

 

John K Arnold is a Newswire featured author. He has over 35 years of business experience including doing online marketing and business since the 1990s. 

 
