So what is it about Cryptolocker that changes the game, and how do you prevent yourself from falling victim to this vile threat. That is precisely what we want to look at today.
What Exactly is Cryptolocker?
It’s a simple question, and the answer is “malware”, but things go deeper than that because all of this is far from being simple. To get a deeper look, we will see what the security experts have to say. Brian Krebs, who previously covered security for the Washington Post, and currently runs the Krebs on Security blog, states Krebs goes on to explain: In recent days, the thieves have begun allowing victims more time to pay – an obvious effort to simply collect more money. After all, those traveling may still pay once they return and discover the problem. Security expert Steve Gibson explain that
How Do You Get it?
It is typically installed through phishing attacks in email. So people will get an email that looks reasonable to them, and they will click on a link, and it’ll be an executable, and they will now be infected. Don’t be fooled by files that appear to be something else – a Word document or PDF, for instance, as these can still be stealth EXE files. However, more recent research has shown the problem branching out – the malware also can now be deployed by hacked and malicious web sites by exploiting outdated browser plugins.
Avoiding it
The simple answer is to not open email attachments unless you are positive they were sent by that person and they are files you anticipated receiving. If you’re in doubt then contact the sender and inquire. Check the file properties also – malware.pdf may in fact be “malware.pdf.exe”. A new utility released by Foolish IT (yes the name is silly, but the company is not) can also help out. CryptoPrevent “is a tiny utility to lock down any Windows OS (XP, Vista, 7, 8, and 8.1) to prevent infection by the Cryptolocker malware or “ransomware”, which encrypts personal files and then offers decryption for a paid ransom”.
Conclusion
While CryptoPrevent can help, the best defense for users is always the same. Its all about behavior. Don’t do stupid things and don’t visit potentially dangerous web sites. In other words, always err on the side of caution. This threat shows little sign of abating and antivirus does next to nothing to prevent it from striking. It really is a jungle out there.