CryptoLocker Ransomware: 10 Things to Know about the Currently Spreading Malware [VIDEO]
CryptoLocker, a dangerous piece of ransomware that encrypts one's hard drive, including personal files such as documents, images and spreadsheets, is currently spreading like wildfire on the Internet. Learn more about it to be prepared for an attack.
10 Things to Know about the CryptoLocker Ransomware:
1. It is not a virus. A virus is malware that replicates itself and spreads across a network.
2. It is detected as Troj/Ransom-ACP on the computer.
3. It does not freeze one's computer, unlike other ransomware.
4. It gives cybercriminals the only copy of the decryption key, so the encrypted files cannot be unlocked without their assistance.
5. To be able to use the encrypted files again, payment of $300 or EUR300 through MoneyPak, or 2 Bitcoins (BTC2), which cost about $280, must be made within a short time.
6. Payment must be made immediately, usually within 72 to 100 hours or 3 days maximum.
7. It also affects network file shares, USB drives and cloud storage folders.
8. It installs itself in the Documents and Settings folder. It uses a randomly generated name and adds itself to the list of programs that Windows loads automatically every time you log in to your computer.
9. It produces a list of server names using the domains .org, .com, .net, .biz, .info, .co.uk and .ru. As soon as it finds a server it can reach, it uploads a small file, which is essentially a "CryptoLocker ID."
10. It can be removed using the Sophos Virus Removal Tool (VRT). VRT loads, updates itself, scans the computer's memory for active malware running in the system and removes it. Afterwards, it scans the computer's hard disk for other malicious files, which can be dealt with swiftly at the click of a button.
NOTE: If CryptoLocker is already running, it can still be removed, but removal does not decrypt the scrambled files. Without the decryption key, those files will be lost.
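Item 9 above describes the infected computer trying a list of generated server names until one answers. On a network this tends to appear in DNS logs as one client failing to resolve many random-looking names across the listed domains. The Python below is an added example, not code from the original article or from Sophos; the log record layout, the thresholds and the sample names are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Top-level domains the article lists for the generated server names (item 9).
TLDS = (".co.uk", ".org", ".com", ".net", ".biz", ".info", ".ru")
# Assumed thresholds, not from the article; tune them against your own DNS baseline.
MIN_FAILED_NAMES = 5   # distinct unresolved names per client per window
MIN_TLDS = 3           # spread over at least this many of the listed TLDs
MIN_ENTROPY = 3.0      # bits per character of the registered label
WINDOW_SECONDS = 300   # fixed windows; a burst across a boundary is split in two

def label_entropy(label):
    """Shannon entropy (bits/char) of a DNS label; random names score high."""
    counts = Counter(label)
    return -sum(n / len(label) * math.log2(n / len(label)) for n in counts.values())

def split_name(qname):
    """Return (registered label, TLD) if qname ends in a listed TLD, else None."""
    qname = qname.lower().rstrip(".")
    for tld in TLDS:
        if qname.endswith(tld):
            label = qname[: -len(tld)].split(".")[-1]
            return (label, tld) if label else None
    return None

def suspicious_clients(records):
    """records: (epoch_seconds, client_ip, qname, rcode) tuples. Returns flagged IPs."""
    buckets = defaultdict(set)  # (client, window index) -> {(label, tld)}
    for ts, client, qname, rcode in records:
        parsed = split_name(qname)
        if rcode == "NXDOMAIN" and parsed and label_entropy(parsed[0]) >= MIN_ENTROPY:
            buckets[(client, ts // WINDOW_SECONDS)].add(parsed)
    flagged = set()
    for (client, _), names in buckets.items():
        if len(names) >= MIN_FAILED_NAMES and len({tld for _, tld in names}) >= MIN_TLDS:
            flagged.add(client)
    return sorted(flagged)

# Constructed sample log (not real traffic): one noisy client, two ordinary ones.
NOISY = ["xkqjwpzbtrmv.org", "hfyqndlgwcus.com", "pbvmzkrtxajo.net",
         "wdnlqyfhgcue.biz", "jrtzmkvbxpoa.info", "cugfyhqldnws.co.uk"]
SAMPLE = [(1000 + i, "10.0.0.5", name, "NXDOMAIN") for i, name in enumerate(NOISY)] + [
    (1001, "10.0.0.9", "www.example.com", "NOERROR"),
    (1002, "10.0.0.9", "exmaple.org", "NXDOMAIN"),       # ordinary typo, low entropy
    (1003, "10.0.0.7", "qzvkhtwbnrjx.ru", "NXDOMAIN"),   # one odd name is not a burst
]

if __name__ == "__main__":
    print(suspicious_clients(SAMPLE))
```

A flagged client is a lead for investigation rather than proof of infection, since other software also produces bursts of failed lookups.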
To protect precious files, always keep backups of them, review the access control security settings on your network shares, don't give administrative privileges to user accounts and make files and folders read-only. Of course, always use an up-to-date anti-virus tool, such as the Sophos Anti-Virus for Mac Home Edition, which protects both Windows and Mac computers.
Plus, make it a habit to always check for malware, use a different password for every Web site and use Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) on Wi-Fi connections, especially at home.
In the unfortunate event that CryptoLocker infects one's computer, use the Sophos Virus Removal Tool immediately. And whatever happens, do not pay the cybercriminals to get the decryption key. Report them to the authorities as soon as possible! Cybercrime is still a crime!
Check out CryptoLocker in action in the video below:
(CREDIT: YouTube/SophosGlobalSupport)