Imagine the following scenario: you are surfing on the web, checking your emails, opening the attachments and then suddenly your monitor displays a splash screen with a countdown timer and the message “Private key will be destroyed on [date]“, unless you pay. Your PC has just been infected by a relatively new, increasingly common Trojan horse malware, called CryptoLocker. All your photos, videos, documents and other important files have been encrypted and your only option appears to be to satisfy the demands of this ransomware and its creators by paying, hoping that your files will be decrypted and the nightmare ends.
The UK’s National Crime Agency has issued an urgent alert to PC users about CryptoLocker and the threats it poses. As described in the statement, tens of millions of UK customers are receiving emails that appear to be from banks and other financial institutions. However, the primary targets appear to be small and medium businesses.
According to recent reports and the NCA’s warning, the amount of “ransom” demanded by CryptoLocker is 2 Bitcoins (£550 as at 18/11/13).
What can you do against it?
Similarly to many other cases, preventive measures are more useful than trying to find a cure, especially when it’s too late. So what can we do? According to Graham Cluley’s extensive article on the matter, the answer is three-fold.
- Keep your PC up-to-date with anti-virus and security patches and don’t open unsolicited email attachments.
- Set a software restriction policy on your PC to prevent executables from running from certain location on your hard drive.
- Make regular backups of your important data and keep them separate from your computer.
To learn more about CryptoLocker, read the full article on grahamcluley.com