Posted on 10/27/2013 10:48:13 AM PDT by Windflier
The Crypto Locker virus is a new piece of ransomware that is said to be one of the worst viruses to ever infect Windows PCs. The virus takes over a computer's files, encrypts them, and then holds the files ransom until a user pays to have them freed by clearing out the virus.
The Crypto Locker virus is sent to users through emails that have innocent enough looking senders, such as UPS or FedEx. Once the file is installed, a display pops up demanding upwards of $100 to restore a user's important files. In some cases users have stated that Crypto Locker has demanded two to four bitcoins, or the equivalent of approximately $700 to $800.
Technology expert Anthony Mongeluzo tells Mountain News:
Ransomware causes your computer files to be non-accessible and when that happens you have two choices. You can recover if you have a backup which I hope you do or pay the ransom within 100 hours. If you do not pay the ransom you lose all of your data.
The program disguises itself as a JPEG, PDF, or other Microsoft Office file.
To recover files, users are given a strict time-frame of 100 hours. Users who have actually paid the fee have reported receiving their files back in a 3-4 hour time period. Crypto Locker, after payment is made, states that all files will be returned after payment is verified. Regular credit cards (which are subject to chargebacks) cannot be used. If you don't have Bitcoins you can purchase a Green Dot MoneyPak to make the purchase.
Windows PC users are being encouraged to back up all of their important files at all times. Once infected brute force hacking your files back is not really something to be considered as the files are RSA-encrypted with strong backup technology.
If you want to prevent Crypto Locker from being installed there is a handy tool by FoolishIT LLC that creates software restriction policies on your Windows PC. The tool is free, easy to install and a necessity for users with thousands of files to protect.
But this only reveals the extensions to you - One must be willing to learn what the extensions mean - Really not a long study - At least knowing the common ones safe for use (.doc, .txt, .xls, .pdf, .jpg, .jpeg... etc), being careful with any executable file (.exe, .bat, .cmd, .vbs, .wsf... etc), and VERY careful with anything having a double extension (filename.txt.exe) - Standard convention seldom uses a double extension (though it can always be done), so it is very out of the ordinary.
Pretty much, just start paying attention to the file types you regularly use, and be careful of things that are different...
Happy motoring! ; )
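The extension check described in the post above, as an added example that is not part of the original thread: it classifies attachment names using only the extension lists the poster gives, and additionally handles upper-case names and space padding before the final extension. The function names and the sample file names are constructed for illustration.

```python
import ntpath

# Extension lists taken from the post above; extend them for real use.
EXECUTABLE_EXTS = {".exe", ".bat", ".cmd", ".vbs", ".wsf"}
DOCUMENT_EXTS = {".doc", ".txt", ".xls", ".pdf", ".jpg", ".jpeg"}


def split_extensions(filename):
    """Return (stem, [extensions]) lower-cased, in the order they appear."""
    # Windows ignores trailing dots and spaces, so drop them before parsing.
    name = ntpath.basename(filename).rstrip(". ").lower()
    parts = name.split(".")
    # Strip padding such as "invoice.pdf      .exe", which pushes the real
    # extension out of view in a narrow file-name column.
    exts = ["." + p.strip() for p in parts[1:] if p.strip()]
    return parts[0], exts


def classify(filename):
    """Return 'double-extension', 'executable', 'document' or 'unknown'."""
    _, exts = split_extensions(filename)
    if not exts:
        return "unknown"
    last = exts[-1]
    if last in EXECUTABLE_EXTS:
        # A document-looking extension directly before an executable one is
        # the disguise the post warns about (filename.txt.exe).
        if len(exts) >= 2 and exts[-2] in DOCUMENT_EXTS:
            return "double-extension"
        return "executable"
    return "document" if last in DOCUMENT_EXTS else "unknown"


def triage(names):
    """Map each attachment name to its classification."""
    return {name: classify(name) for name in names}


# Constructed sample attachment names, not taken from any real message.
SAMPLE_ATTACHMENTS = [
    "filename.txt.exe",
    "UPS_Label.PDF.EXE ",
    "invoice.pdf      .exe",
    r"C:\Users\x\Downloads\photo.jpeg",
    "setup.exe",
    "quarterly.report.xls",
]

if __name__ == "__main__":
    for name, verdict in triage(SAMPLE_ATTACHMENTS).items():
        print(f"{verdict:17} {name!r}")
```

Anything reported as `double-extension` or `executable` is a candidate for quarantine or a closer look before it is opened.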
THANK YOU!
Your list of infection vectors pretty much covers the way any infection/malware arrives on a computer these days.
Thus far, I haven’t seen this in any of my business clients’ computers nor among my friends who seem to rely on me for free computer support. At least with my business customers I view the lack of infection as an indicator that their current protection status is effective.
The following links cover most of Symantec’s information on the current class of ransomware: http://www.symantec.com/connect/blogs/ransomcrypt-thriving-menace and http://www.symantec.com/business/support/index?page=content&id=TECH211589.
If the infected user hasn't paid up by the time the clock elapses, the key is thrown away and the files are essentially lost forever.
If the user doesn't have backups, then his files are eventually going to be lost forever, for any one of a number of reasons, most of which are far more likely than being bit by a ransom virus.
Thanks, roamer_1, that’s it.
Other personal preferences - like ‘Use Windows Classic Folders’ - can also be set in the ‘Folder Options’ (in this case the ‘General’ tab) menu.
I wonder if this isn’t being promulgated by the NSA/DHS.
Get everybody afraid of the virus so they all install something like Cryptoblocker that prevents files from being encrypted. Now that they have conned you into setting your PC to prevent any file encryption they can peruse and steal your data without having to worry about people who encrypt their data.....it’s a win win for the government spies.
Good tip for Windows users. I've always thought the idea of a file being executable simply by virtue of its file name to be the height of insanity, and the cause of much of Microsoft users' woes.
Thank you from me too!
Bookmark!!!
You don’t understand. I was hit with this and it may sink my company. I have backups galore, all attached to the network, NAS, this stupid thing got them all. I will have thousands of man hours of labor just to have information to do my taxes.
These people need to be shot.
This malware seems so Windows-specific that I expect that Linux is immune. Does anyone have evidence to refute that? Unless WINE is running at the time, the chances of infecting Linux seem remote.
You'd have to run the malware itself under wine. That's fairly unlikely I think.