There is a new horrid piece of malware virus been lingering on the internet for the last few months or so. It can be quite a scare for business website. If you’re running an online business or anything to do with online cash transactions, you’re probably a prime target for this kind of attack.
Take this alert seriously if you care enough for your business, always backup your important files, be careful about opening email attachments, particularly from unknown senders and don’t follow or click any unsolicited web links.
When you first become infected with CryptoLocker, a popup on your screen that looks like this:
Thanks Bleeping Computer for the screenshots. I’m not crazy enough to get my PC infected so I can capture it.
What is CryptoLocker?
CryptoLocker is a ransomware program that was released around the beginning of September 2013 that targets all versions of Windows including Windows XP, Windows Vista, Windows 7, and Windows 8. This ransomware will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 72 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted.
The Cryptolocker thieves would have to do some major revamping if they wanted the malware to spread to mobile devices, but it’s within the realms of possibility as the malware continues to spread geographically. It’s the old scam trick in the book of classic phishing attack but with more sophisticated method.
More on this malware can be found at BleepingComputer. Read the safety measures and recovery guides.