Protect Yourself Against the CryptoLocker Virus
Ransomware is malware that prevents you from using your files or your computer, and then extorts money from you in exchange for a promise to unlock them. CryptoLocker is one of the most notorious recent examples. It is ransomware that not only locks the system it infects, but also encrypts certain files found on the system's hard drive. This may be a tactic to ensure that the victim pays the ransom, as there is no way to decrypt the files other than with a key that the cybercriminals provide. Since the discovery of CryptoLocker, the number of its victims has grown exponentially.
As with any ransomware, once the system is infected the user is coerced into paying a ransom through online payment methods to regain use of the computer. However, paying doesn't guarantee access to the infected system. Moreover, CryptoLocker infections put computers at an elevated risk of being rendered unusable. This is because, once files are encrypted, almost all anti-malware tools are only able to remove the CryptoLocker variant from the system, leaving the encrypted files unusable. Therefore, it is important to stop the CryptoLocker infection chain before it executes.
The infection starts as a spammed message with a malicious attachment. If a user opens the attachment, it downloads and executes a malicious .exe file. In addition to its other malicious routines, which include stealing online banking credentials, this file downloads a CryptoLocker variant onto the infected system. Once inside the system, CryptoLocker connects to randomly generated domains to download the public key to be used for encryption. CryptoLocker then searches for files with certain file extensions to encrypt. The files it encrypts include important productivity documents such as .doc, .docx, .xls and .pdf, among others. Users affected by this threat may find their documents inaccessible due to CryptoLocker's encryption. This may result in data loss and can severely hamper the user's productivity if the system contains work-critical documents.
Best Practices and Solutions
- Scrutinize email messages carefully. Be wary of every email you receive, especially those from unverified sources. Users should do their research or try communicating directly with the reported sender to confirm that they sent the message.
- Refrain from clicking links embedded in email. It is best to avoid clicking links in email. However, if you need to, make sure that your browser uses web reputation to check the link. As an added precaution, you can use free services like Trend Micro Site Safety Center to verify the reputation of the site.
- Back up documents. Users should also back up their documents. The 3-2-1 rule applies here: three backup copies of your data, on two different media, with one of those copies in a separate location. Cloud storage services can be a good option.
- Regularly update software. It is best to update your software with the latest security patches. This provides an added layer of protection against online threats in general.
- Install a security solution. A reliable antimalware solution can detect such threats even before they begin. Security solutions like Trend Micro can even block malware-carrying spam before it reaches your inbox.
Be sure to educate users on the existence of ransomware and the best practices for avoiding an attack.
DTS offers the protection you need through antivirus, antimalware and backup solutions. In addition, our Managed IT Services ensures that the latest security patches are installed on user devices. Contact us today to learn more about protecting your environment.