Free Republic

CryptoLocker: A particularly pernicious virus
Windows Secrets | October 24, 2013 | Susan Bradley

Posted on 10/24/2013 11:15:25 AM PDT by brityank

By Susan Bradley on October 24, 2013 in Top Story

Online attackers are using encryption to lock up our files and demand a ransom — and AV software probably won’t protect you.

Here are ways to defend yourself from CryptoLocker — pass this information along to friends, family, and business associates.

Forgive me if I sound a bit like those bogus virus warnings proclaiming, “You have the worst virus ever!!” But there’s a new threat to our data that we need to take seriously. It’s already hit many consumers and small businesses. Called CryptoLocker, this infection shows up in two ways.

First, you see a red banner (see Figure 1) on your computer system, warning that your files are now encrypted — and if you send money to a given email address, access to your files will be restored to you.

 


(Excerpt) Read more at windowssecrets.com ...


TOPICS: Computers/Internet; Education; Hobbies
KEYWORDS: hackers; hostage; internet; ransom
WS does a pretty good job of keeping tabs on the Microsoft stable, and cleaning up most of its crap!
1 posted on 10/24/2013 11:15:25 AM PDT by brityank

To: brityank

more info

http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information


2 posted on 10/24/2013 11:28:44 AM PDT by mreerm

To: mreerm

Good info, thanks!


3 posted on 10/24/2013 11:30:54 AM PDT by leapfrog0202 ("the American presidency is not supposed to be a journey of personal discovery" Sarah Palin)

To: All

I had this hit me. I reset the registry using the “restore” feature in Windows 7. Start in safe mode, then just reset the registry to a version previously saved. I went back 3 months.
Hope it helps somebody.


4 posted on 10/24/2013 11:31:30 AM PDT by Tracker47

To: brityank

good article brityank...anybody know if sandboxie protects from this??


5 posted on 10/24/2013 11:33:00 AM PDT by virgil283 (When the sun spins, the cross appears, and the skies burn red)

To: brityank

We got hit by this one. According to some victims, if you pay the money, they will decrypt your files as promised. Otherwise, you better hope that you have a backup, or you are screwed.


6 posted on 10/24/2013 11:41:38 AM PDT by Boogieman

To: Tracker47

That might stop the virus from running on startup, but it won’t decrypt any files that the virus has encrypted already. It seems to target Word and Excel files, and Adobe PDFs in some variants, and will even encrypt network shares, if the infected computer has enough permissions to modify files across the network.

Luckily, the virus author did not set the virus “warning” message to display only after the encryption routine finishes. So, if you eliminate the virus as soon as you see the pop-up, you can probably stop it before it gets through all of your files.


7 posted on 10/24/2013 11:46:40 AM PDT by Boogieman

To: virgil283

The virus targets data files. So if you are running in a sandbox or VM environment, sure, you can reset your OS and not be infected anymore. However, any data files that it has encrypted will still be encrypted.


8 posted on 10/24/2013 11:47:56 AM PDT by Boogieman

To: brityank

So, what if I encrypt my files first?
Can they be re-encrypted?


9 posted on 10/24/2013 11:50:24 AM PDT by polymuser ("We have a right to debate and disagree with any administration!" (HRC))

To: mreerm

Wow! Many thanks.


10 posted on 10/24/2013 11:52:37 AM PDT by brityank (The more I learn about the Constitution, the more I realise this Government is UNconstitutional !!)

To: brityank

Public hangings are too good for the vermin perpetrating these crimes.


11 posted on 10/24/2013 11:57:46 AM PDT by Junk Silver

To: brityank

Whoever is doing that should be put away for life


12 posted on 10/24/2013 11:58:33 AM PDT by GeronL

To: brityank; rdb3; Calvinist_Dark_Lord; Salo; JosephW; Only1choice____Freedom; amigatec; ...

13 posted on 10/24/2013 11:59:29 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)

To: polymuser

interesting question


14 posted on 10/24/2013 12:00:56 PM PDT by GeronL

To: polymuser
So, what if I encrypt my files first?
Can they be re-encrypted?

Go read through the link that mreerm posted in #3.

It gives the following listing:


15 posted on 10/24/2013 12:01:40 PM PDT by brityank (The more I learn about the Constitution, the more I realise this Government is UNconstitutional !!)

To: brityank

Almost as bad as the ObamaCare website

//kidding


16 posted on 10/24/2013 12:02:15 PM PDT by GeronL

To: brityank
Some advice from a guy who has been around this block a few times:

1. Back up frequently to an external drive that you turn off or disconnect afterward.

2. Keep personal data on removable media - thumb drives - and only keep temporary work copies on your hard drive.

3. If you get zapped by these clowns, slick your box, restore from your last backup and laugh at them.

17 posted on 10/24/2013 12:12:02 PM PDT by Billthedrill

To: polymuser

Yes, an encrypted file can be encrypted again.


18 posted on 10/24/2013 12:22:53 PM PDT by Boogieman

To: brityank

tech bkmk


19 posted on 10/24/2013 1:14:54 PM PDT by Sergio (An object at rest cannot be stopped! - The Evil Midnight Bomber What Bombs at Midnight)

To: brityank

Does it break if you create that registry key and set the permissions so the virus can’t write to it?


20 posted on 10/24/2013 1:21:03 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)

