Cryptolocker ransomware has ´infected about 250,000 PCs´

BBC News ^ | 12/25/13 | Leo Kelion

[Nachum]

A virulent form of ransomware has now infected about quarter of a million Windows computers, according to a report by security researchers. Cryptolocker scrambles users´ data and then demands a fee to unencrypt it alongside a countdown clock. Dell Secureworks said that the US and UK had been worst affected. It added that the cyber-criminals responsible were now targeting home internet users after initially focusing on professionals. The firm has provided a list of net domains that it suspects have been used to spread the code, but warned that more are being generated every day. Ransomware has existed since at least 1989,

[Farmer Dean]

Cyber-criminals all need a 9mm to the back of the head.

[ETL]

Clever little bastards.

[mrsmith]

http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information#prevent

See “17.How to prevent your computer from becoming infected by CryptoLocker” There’s a free prgram to prevent it.

[SandRat]

Cyber-criminals all need Massive, repetitive, concentrated exposure to military grade vomiting agent (an arseicalagent)

[sickoflibs]

I got this a few times but because my virus software caught it it only locked up a single window of my IE till I killed the process:

[sickoflibs]

I found that Norton sucks, McAfee does a much better job than it did.

[Utilizer]

Crikey! I'll have to closely watch this computer for infestations, no doubt!

Why, the malware might think this is a "Windows" computer somehow and attempt to subtly run an ".exe" or ".com" file here, and THEN where would I be? (Psst! What's a "Windows" computer? "Windows" makes computers?)

Especially since neither of those types of files will run on this computer or any other I have connected to the web, and all personal and critical data is stored on powered-down backup drives and totally inaccessible to any device until I both power them on and then power on the hub to connect them to any computer. Never done when anything is online, and usually with a complete power-off and then restart first while in the meantime making certain that all internet connections are inactive or unpowered.

Next I expect them to set off a "Mac" executable against these machines!

(Please excuse while I go off into a corner and laugh hysterically for awhile...)

[nascarnation]

That’s quite interesting. Do you recommend it?

Thanks.

[Utilizer]

Stone the crows! Thanks for the pic, really, and saved for an upcoming April Fool's day gag or several!

And THEN AGAIN on April the First as well as on November the Eighth (Pres Elec Day, I believe, in USA) as well! *grin*

[Cementjungle]

Too bad we can’t ask the NSA to redirect it’s attention for a day or two and locate these scum. They can go back to spying on us after that.

[driftdiver]

This malware requires use user action to install. They use social engineering to get people to open the attachment.

Now please explain why those non-windows machine are safe if a user approves an action while using an account with admin access?

[Spirit of Liberty]

How did you get it off? I got it a couple of months ago at work, but the IT people took care of it. Now I have it at home. I wasn't that worried about fixing it because my computer is 6 years old and not really worth fixing; I was thinking about replacing it anyway. I don't do online banking, have backups of the pictures I had stored there. So no real great loss if I can't fix and just get something new.

[Malsua]

That’s quite interesting. Do you recommend it?

I can't speak for that person, but I put it on every machine I touch. I've had 3 cryptolocker machines brought to me in the past few months. It's harder than most malware to remove, still easy enough, just a pain.

[Dick Bachert]

I wouldn’t waste a 9 on these bastards. .22LR is good enough for the mob and sure as hell is good enough for them.

[PeaceBeWithYou]

The few I have seen aren’t actually locking the files, but are adding MSConfig and a switch to the startup menu, effectively blocking that user from changing anything.

If there is an Admin account that you can access, you can go find and remove the MSConfig entry from the affected user account it will fix it.

[Dick Bachert]

I wouldn’t waste a 9 on these bastards. .22LR is good enough for the mob and sure as hell is good enough for them.

[sickoflibs]

RE Stone the crows! Thanks for the pic, really, and saved for an upcoming April Fool's day gag or several!
And THEN AGAIN on April the First as well as on November the Eighth (Pres Elec Day, I believe, in USA) as well! *grin*

Who ever created that locks up that window of the browser into full screen so you cant close it without killing the browser process. I recall being able to minimize it though.

But I read that it can really be bad if infected.

How can we use it as a joke?

[Standing Wolf]

Cyber-criminals all need a 9mm to the back of the head.

Nah. Ammunition is too expensive. Rope is cheap, reusable, and recycleable.

[montanajoe]

I had one of these 7 or 8 years ago.

Was a wake up call... everything I have that is important is on a puter that has never been on-line. I know the trend is to put more and more stuff out there on the cloud but I wont do it..