Have a backup system in place for your critical files.This will help you recognize the malicious file used in the attack. Disable hidden file extensions in Windows.Be particularly wary of emails from senders you don’t know, especially those with attached files.Follow these tips to protect yourself from CryptoLocker: This malware spreads via email by using social engineering techniques. By the end of 2013, just a few months after being released, the malware had already infected more than 235,000 computers. It doesn't affect Apple devices, smartphones or tablets.Īccording to the FBI and other law enforcement agencies, the operators of CryptoLocker have successfully extorted millions of dollars in ransom payments. This database has been in turn used to build an online tool for recovering the keys and files without paying the ransom.ĬryptoLocker only works on PCs running Windows XP, Vista, Windows 7 or Windows 8, as it is designed to exploit features included in those operating systems.
However, the combined efforts of police forces from multiple countries has allowed the database of private keys used by CryptoLocker to be accessed. CryptoLocker encrypts files to a strength which renders them irretrievable, leaving victims with only two options to recover access to their files: pay the ransom (with no real guarantee that making the payment will actually release the files) or restore them from backup copies. Once active, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers. CryptoLocker takes advantage of Windows’ default behavior of hiding the extension from file names to disguise the real. It gets run when the victim opens the attached ZIP file by entering the password included in the message, and attempts to open the PDF it contains. The Trojan spreads as an email attachment and through a botnet for P2P file sharing. Once installed, CryptoLocker encrypts certain files it finds on the infected computer and displays a ransom note on the screen, demanding hundreds of dollars in bitcoin for the decryption key. It is programmed to affect Microsoft Windows systems and block access to files until a ransom is paid to the malware authors. CryptoLocker is a ransomware specimen designed to infect computers through a Trojan.
0 kommentar(er)
