Ransomware is not hard to understand. Its simply software, or malware, that takes control of your computer, encrypts all your files and threatens to destroy them unless you pay a ransom. Right now CryptoLocker is terrorizing people all over the world and destroying the joy of the holiday season.
CryptoLocker is probably the nastiest and most infuriating malware to ever cruise the information super highway. It’s primary target are users of Windows computers and devices running Windows 7, 8, Vista and XP operating systems. Most African-Americans use Windows computers. Apple users you are safe…for now. This particular malware has taken over even police computers not once but several times. The last thing you need this holiday season is the joy of paying hundreds of dollars for a computer you already own.
What makes this malware particularly nasty is that it gives you 96 hours to pay up. And some variations of the malware actually have a timer displaying the countdown until your files are destroyed. This adds significantly to your anger and frustration To get your files back you can be charged anywhere from $300-$800. Tracing the pay off ransom is next to impossible since it must be paid using Bitcoin or some other digital currency. The large ransoms combined with deadline make this malware far more aggressive than other malware. Another ugly fact is that it’s spreading faster than any other malware currently known.
The holiday season is one reason that the malware is spreading so fast. According to the US Computer Emergency Readiness Team, it appears in email in boxes appearing to be a tracking notification from UPS, FedEx or USPS.
Corey Nachreiner, Director of Security Strategy at Watchguard Security says, “This lure is far more common for the holiday shopping season,” he said. “As people are doing more shopping online, they’ll be more likely not to suspect emails about packages. My guess is we’ll also see CryptoLocker mimicking emails from Amazon and other shopping sites, too.” During the holiday season African-Americans send and receive packages by the millions. So a notice from a delivery service would not draw a lot of attention. That’s why this malware is so dangerous. But fortunately you have to do more than just open the email. You have to actually click on the attachment or link to download the malware.
There are a few ways to stop the spread and keep yourself safe.
- Keep your anti-virus software up to date and scan emails and attachments before you open them.
- Keep track of packages you are expecting and their tracking numbers. Tracking numbers sent in an email do not normally require you to download anything.
- Examine the mail for double extension files. They have .pdf.exe extensions. If you see this at the end of an attachment or web address use extreme caution.
- Make sure you have your files backed up on a separate drive or storage device.
If you do get this malware and you are backed up then its becomes a lot easier to clean up your system. According to Nachreiner, just about every anti-virus vendor has a CryptoLocker cleanup tool. A victim can use their regular anti-virus software or Nachreiner suggests the tutorial at FAQ at Bleeping Computer, which he links in his own blog post. You can also find some free tools from a few good Samaritans. These good guys have developed tools to stop CryptoLocker before it starts. One is called CryptoPrevent, and it prevents your computer from downloading double-extension files.
You can get more information about fighting CryptoLocker and eradicating it from your computer at these sites;
Now you know.