Posted on 10/26/2013 1:29:26 PM PDT by NoLibZone
Heads up and Prevention of New New Virus sweeping the Interwebs: CryptoLocker
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
PROBLEM:
CryptoLocker is a ransomware program that was released around the beginning of September 2013. This ransomware will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 96 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted.
One Easy Solution:
The easy to use free tool to change group polices to block your Hard Drive from unauthorized encryption: http://www.foolishit.com/vb6-projects/cryptoprevent/
First I scanned the CryptoPrevent using VirusTotal.com to make certain it’s clean. It is.
Then I used MalwareBytes to make sure I an clean.
Then I ran a new restore point.
Then I ran the one click CryptoPrevent and tested. It worked.
Image of the little app dialogue:
http://imgur.com/5M9bDyU">
(Excerpt) Read more at bleepingcomputer.com ...
Everything I care about is backed up in a second file on my hard drive, on two thumb drives that alternate from week to week, and if it’s not too sensitive in two email addresses. In no case would I pay extortion money to terrorists, unless the FBI asked me to do so to track and prosecute them (or to put a drone missile where it would do the most good - drone strike for cyber-theft? Yep!).
Sounds like Obamacare.
Because they probably don't have free time to go to Latvia or Russia or Turkey or Brazil or South Korea or wherever else the hackers may be hanging out at. And even if they did, it would almost certainly take longer for the Federal Geek Squad to track down the hackers than it would for the encrypted files to get automatically deleted from your computer.
A quick Google of “cryptolocker” seems to finger cryptolocker as malware too. How does CryptoLocker have any cred as one of the good guys? Just curious ...
sorry my bad, misread & mixed up cryptolocker & cryptoprevent. Argh! Hate when that happens ..
I can’t rely on the Fed or local Unions to protect me.
The better best is prevention.
Whihc is easy.
I certainly hope there are a ton of people working on this problem. I also hope they find the people doing this and throw them in prison.
I don’t really want to type that URL
lol
The easiest way to prevent this is to do all of your internet surfing from a virtual PC. I’ve been doing this for about 4 years. Any time the Virtual system acts up. I shut it off, erase it and clone in a new untouched virtual system and continue. It takes 10 minutes to clone the backup OS and start over.
does this thing affect Linux?
Run as a limited user, set UAC to high, don’t mindlessly click links in email, don’t open attachments and think before clicking on a file that has one of the following attachments:
BAT Batch File
BIN Binary Executable
CMD Command Script
COM Command File
CPL Control Panel
Extension
EXE Executable Windows
INF Setup Information
File
INS Internet
Communication
Settings
INX InstallShield
Compiled Script
ISU InstallShield
Uninstaller Script
JOB Windows Task
Scheduler Job File
JSE JScript Encoded File
MSC Microsoft Common
Console Document
MSI Windows Installer
Package
MSP Windows Installer
Patch
MST Windows Installer
Setup Transform File
PAF Portable Application
Installer File
PIF Program Information
File
PS1 Windows PowerShell
Cmdlet
REG Registry Data File
RGS Registry Script
SCT Windows Scriptlet
SHB Windows Document
Shortcut
SHS Shell Scrap Object
U3P U3 Smart Application
VB VBScript File
VBE VBScript Encoded
Script
VBS VBScript File Windows
VBSCRIPT Visual Basic Script
WS Windows Script
WSF Windows Script
bfl
Malware bytes
Spybot
Fprot
No problemo
It also crypts attached drives.
What are you using? I’ve used VMware, but started using Virtualbox on a computer that wouldn’t run VMware. I’m liking Virtualbox a lot better as I use it more.
“prompts you to send a ransom of either $100 or $300”
so it’s the obamacare of viruses?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.