A few weeks back we informed our readers about CryptoLocker – a new type of ransomware that has been let loose on the Internet. This post discusses some more important facts about this malware, and the steps you must take to prevent it from affecting your computer.
What is Ransomware?
Ransomware is a malicious program that freezes or locks up the victim’s computer and makes it nonfunctional. The malware demands that the victim pay a certain sum of money (ransom) to unlock the compromised machine. Because it demands money in exchange for releasing the hijacked computer, this kind of program is known as ransomware. Some ransomware also works by encrypting all your documents and data files and asking for a ransom to decrypt them.
What is CryptoLocker?
CryptoLocker is a type of ransomware that is actively spreading on the Internet. After it invades the targeted machine, it starts encrypting all kinds of files on the machine, such as images, videos, documents, presentations and spreadsheets. Once it has encrypted the files, it reveals itself in the form of a pay page. The page informs the user that the files on their computer have been encrypted. To recover the files, the user must purchase a private key. The typical ransom demanded by CryptoLocker is $300. Also, the user has a limited time period to pay the ransom, after which the private key will be destroyed and the hijacked files will be lost forever.
Unfortunately, once CryptoLocker has encrypted your files, there is no way to recover them unless you have the private key. So, should you pay the ransom? We would like to go with a resounding and bold NO.
You are dealing with outright criminals here, who are extorting money from you. And there is no saying if they will hand over your files even after you have made the payment. Of course, the data that you have lost may be crucial. But you can lose your data in several other ways.
There is one piece of good news, though. The files that are encrypted by CryptoLocker are not accessed by the hackers. The files remain where they are – on your system, but in an encrypted form.
How Can You Prevent a CryptoLocker Catastrophe?
Nothing fits the scenario of CryptoLocker better than the saying, “Prevention is better than cure”. That’s right! The only way you can recover from a CryptoLocker attack is to take the right precautions well ahead of time. For your easy reference, we have outlined them for you:
• Backup is important, but with nefarious malware like CryptoLocker around, it can be a lifesaver. The malware goes directly for your personal and important files. So, the loss of such files can only be managed with regular backups. Take backups of every file that is important to you and take the backup offline.
• Ensure that your computer is running antivirus software that gives multilayered protection and is always up to date. Understand that if your computer is already infected with a backdoor [a means of access to a computer program that bypasses security mechanisms], then it can be used by hackers to install CryptoLocker. So, using a reliable antivirus significantly reduces the risk of a CryptoLocker attack, and that of other malware as well.
• The same goes for your computer’s operating system, software, and browsers. Keep them patched and updated. This is another layer of precaution that you must take. Malware can gain entry into your computer via compromised websites, security holes in Internet browsers, and malicious software. And as mentioned, CryptoLocker only needs existing malware on your system to make its entry.
• We strongly recommend that you avoid using administrator accounts for your daily work. Malware that attacks a high-privileged account can do irreparable damage. It is like somebody shooting you with your own gun that is fully loaded. Therefore, prefer using a typical user account (your gun that is empty or not fully loaded). For instructions on how to set up a new account with standard or low privileges, please follow these links, depending on the OS you are running: Windows 7, Windows Vista, Windows XP. [source: http://www.it.cornell.edu/]
• Because infected or compromised Web sites can also let CryptoLocker into your machine, it is a good idea to have the Sandbox protection feature. It is an advanced security feature formulated for safe browsing. Once the feature is activated, it takes your Internet browser into a virtual environment. While you browse inside the Sandbox, your PC’s operating system, memory locations, files, and other vital areas are screened away from the browser. So, even if any infection does take place, it will remain confined inside the virtual environment without affecting the real PC.
• CryptoLocker may also attack you in the form of email attachments. A simple way to avoid this risk is to trash unsolicited and unwanted emails. Be particularly careful with unexpected emails that talk about a lottery or an unsent courier, and those that claim to be from banks and financial institutions.
Note: Recently we came across a new ransomware that goes by the name Anti-Child Porn Spam Protection. It states that the target’s computer is spamming links to child pornography Web sites. And it claims that it has encrypted the computer’s data in order to protect the user and others from such spam. This message is followed by a demand for a certain sum of money to get a password for recovering the data. Even in such cases, please do not pay any kind of money.
Given the increasing cases of ransomware and its variants, we urge our readers to strongly consider taking the precautionary measures listed in this post.