FLASH: CryptoLocker malware is on the loose …
There is a new version of ransom malware called CryptoLocker. It started showing up in October, 2013 and to date only infects MS Windows systems (though like all malware, MacOS can be a carrier). It works the traditional way: An legit looking attachment is opened and it proceeds to hunt down data files including MS Office data files, pictures, sound and video files. Once it finds the files, it encrypts them with a 2,048 bit key, which is impractical to brute-force break. It then gives you 72 hours to pay $300, 300 Euro or 2 bit coins to unlock the files. After 72 hours, they claim to destroy the key.
Since this malware is difficult to detect even with the most sophisticated anti-malware software, the best way to avoid it is to engage in good computer practices, like never allowing software to be installed on your machine unless you specifically request it. Don’t open attachments from anyone, including friends unless you’re sure the sender actually sent it and you trust them. For more on malware, see my The war on malware and Don’t you hate it when you’re right posts.
The other crucial thing is to perform regular backups of your data. The good news (if there is good news with this type of malware) is that the ransom code doesn’t lock up your computer, it just locks up your files. So, once the malware software has been removed (which I understand is straightforward), you can recover your data from backups. For more information on backups, see my Data Safety: Backups post.
One final comment: If this happens to you, get help fast. I’d highly recommend that you not pay the ransom for two reasons: First, there is no guarantee that they will unlock your files. Second, you will let the bad guys know you will pay.
For more information, see: