Cyptolocker ransomware locks up your important files

cryptolockerJust in time for Halloween, a super scary malware infection is making the rounds: a type of ransomware known as Cryptolocker.

Unlike the FBI ransomware that locks your computer and demands money in order to unlock it again, Cryptolocker leaves your computer operational–sort of. Your computer still runs. However, Cryptolocker encrypts all your files. The files exist, but you can’t open them.

The crooks demand money in order to give you a “key” to unlock them again. In most cases the crooks ask for $300 or two Bitcoins (worth about $280 currently).

You don’t want to get this one. If you do, you can get rid of the malware, but there’s no way to get access to your files again. You might as well throw them away. People have been paying the bad guys to get access to their data, but doing that will help them make meaner and more effective malware. These people are criminals. It would be like paying a bank robber.

Good news is, if you have a cold back up, you can kill the malware and restore your files.

The malware spreads through email phishing attachments (don’t click attachments in suspicious emails!) or botnets (if you don’t have antivirus software or haven’t kept it updated, your computer could be part of a network of hacked computers known as a botnet that criminals can use for all kinds of illicit activities).

The Internet Crime Complaint Center (IC) warns to be especially wary of unexpected email from postal/package services and dispute notifications.

This is a pretty detailed description of Cryptolocker and what it can do.

BBB offers the following advice to keep from being hit by Cryptolocker or similar malware infections (adapted from this article in the Guardian):

  • Back up your files through ‘cold storage’. If you have a clean backup that the malware can’t reach, you can get your files back. If you back up your files with an external hard drive, don’t plug it into your computer unless you’re backing up. You can also pay for an online back-up service, but make sure the service isn’t mapped as a network drive or the files could still be affected.
  • Keep your operating system is updated. Updates often include added security protections. That also goes for browsers and add-ons like Java and Adobe Flash.
  • Use anti-virus software. Download reputable anti-virus software if you don’t have it already and keep it updated.
  • Use the cloud. Upload photos and other treasured files to services like Flickr or Picasa.
  • Use a filtered email service. Web-based email services like Google Mail block spam and will not allow you to receive or send email attachments with executable files in them.
  • Be careful what you click. Porn sites are common sources of malware, as are links sent by unfamiliar people through social media such as Twitter.