EMERGENCY NOTICE: DIGITAL TERRORISM -- NEW CLASS OF VIRUS HOLDS YOUR COMPUTER FILES HOSTAGE -- CRYPTOVIRAL EXTORTION
We have seen numerous examples of so-called “ransomware” that lock up your computer in return for a cash payment. There were always professional methods to get around this problem and restore your system.
Ransomware comprises a class of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator of the malware in order for the restriction to be removed. Some forms of ransomware encrypt files on the system's hard drive (cryptoviral extortion), while some may simply lock the system and display messages intended to coax the user into paying. <Source>
The latest cryptoviral extortion problem …
CryptoLocker is a computer worm which surfaced in late 2013. A form of ransomware targeting Microsoft Windows-based computers, the Trojan encrypts files stored on local hard drives and mounted network drives using public-key cryptography, and then displays a message saying that the files will be decrypted if a fee is paid through an anonymous payment service by a specified deadline, beyond which decryption is no longer possible.
CryptoLocker typically propagates as an attachment to a seemingly innocuous e-mail (usually taking the appearance of a legitimate company e-mail), or from a botnet. The attached ZIP file contains an executable file with filename and icon disguised as a PDF file, taking advantage of Windows' default behaviour of hiding the extension from file names to disguise the real .EXE extension. Some instances may actually contain the Zeus Trojan instead, which in turn installs CryptoLocker. When first run, the payload installs itself in the Documents and Settings folder with a random name, and adds a key to the registry that causes it to run on startup. It then attempts to contact one of several designated command and control servers; once connected, the server then generates a 2048-bit RSA key pair, and sends the public key back to the infected computer. The server may be a local proxy and go through others, frequently relocated in different countries to make tracing difficult.
Security software might not detect CryptoLocker, or detect it only after encryption is underway or complete. Although CryptoLocker itself can be trivially removed, this does not decrypt files, and may make it impossible to recover them by paying the ransom. <Source>
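The disguise described above (a ZIP attachment whose executable is named to look like a PDF once Windows hides the final extension) can be checked for before an attachment is opened. The following is an added example, not part of the original post or its quoted source; the extension lists and sample file names are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumption of this example: a short, non-exhaustive list of directly runnable types.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd"}
# Document-like extensions used as the visible decoy.
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}


def displayed_name(member):
    """Approximate what Explorer shows when extensions of known types are hidden."""
    base = member.replace("\\", "/").rsplit("/", 1)[-1]
    stem, dot, _ext = base.rpartition(".")
    return stem if dot else base


def classify_member(member):
    """Return 'decoy-extension', 'executable', or None for one archive member name."""
    base = member.replace("\\", "/").rsplit("/", 1)[-1]
    parts = [p.strip().lower() for p in base.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return None
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "decoy-extension"  # e.g. name.pdf.exe, also with space padding
    return "executable"


def scan_zip(data):
    """List (member, verdict, displayed_name) for every suspicious file in a ZIP."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for member in archive.namelist():
            if member.endswith("/"):
                continue  # directory entry, nothing to classify
            verdict = classify_member(member)
            if verdict:
                findings.append((member, verdict, displayed_name(member)))
    return findings


def build_sample_zip():
    """Constructed sample attachment; contents are harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name in ("Invoice_2013.pdf.exe", "readme.txt", "report.pdf",
                     "Scan.pdf      .exe", "tools/setup.exe"):
            archive.writestr(name, b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for member, verdict, shown in scan_zip(build_sample_zip()):
        print(f"{verdict:16} {member!r} is shown as {shown!r}")
```

The third column is the point: with extensions hidden, `Invoice_2013.pdf.exe` appears to the user as `Invoice_2013.pdf`.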
CONVENTIONAL ANTI-VIRUS & MALWARE PROGRAMS DO NOT PROTECT YOU!
DO NOT OPEN ANY UNSOLICITED E-MAIL LINK OR PDF -- EVEN IF THEY APPEAR TO COME FROM FRIENDS!
MAKE SURE THAT YOUR CRITICAL FILES ARE BACKED UP ON DEVICES THAT ARE NOT CONNECTED TO A NETWORK OR LOCATED IN THE CLOUD
Your family and your friends are threat vectors …
The sad fact is that you cannot teach others to avoid their bad practices which can affect your system. Especially young children and wives. We have seen many e-mails that seem to come from our family and friends, only to find that their systems were compromised by malware or their e-mail addresses were spoofed.
Best practices …
- Always back up critical files on hard media such as DVD and/or removable hard drives. Critical files include any files that, if lost, would have financial repercussions or cause pain. You cannot trust “synchronized” cloud backups because if files in the local folder are encrypted by an evildoer, these encrypted files will overwrite the files in the cloud and may be transmitted to other devices synchronized with the cloud folder.
- Consider using separate computers for personal, professional, and family use. This isolates those who could accidentally compromise your system from your mission-critical systems.
- Be careful when multi-tasking; do not answer your e-mail before you have backed up your “important” data files.
- Never click on any link that you did not generate yourself. You cannot trust that your friend’s e-mail address has not been used by evildoers to send out mail that will infect your system.
- Make data protection a habit like brushing your teeth.
- See item 1.
Bottom line …
Think before you act – something easier said than done.
“Nullius in verba.”-- take nobody's word for it!
“Beware of false knowledge; it is more dangerous than ignorance.”-- George Bernard Shaw
“Progressive, liberal, Socialist, Marxist, Democratic Socialist -- they are all COMMUNISTS.”
“The key to fighting the craziness of the progressives is to hold them responsible for their actions, not their intentions.” – OCS
"The object in life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." -- Marcus Aurelius
“A people that elect corrupt politicians, imposters, thieves, and traitors are not victims... but accomplices” -- George Orwell
“Fere libenter homines id quod volunt credunt." (The people gladly believe what they wish to.) ~Julius Caesar
“Describing the problem is quite different from knowing the solution. Except in politics." ~ OCS