- 1 Post By Digerati
19th November 2013, 10:48 #1
National Crime Agency of UK and CERT of USA issues alert on CryptoLocker ransomware
CryptoLocker is a particularly nasty piece of ransomware malware. Once it has infected a machine, it searches for files of any of 70-odd formats, including Word documents, PDFs and Excel spreadsheets - the kind of files no one wants to lose - and then starts to encrypt them using an RSA-2048 public key.
Once this has been done, the user is shown a message that demands a ransom payment for the decryption of the files. The ransom was US$300 in earlier versions of the malware, but has since increased to two bitcoins - the price of bitcoins continues to rise, and yesterday exceeded $500 for a single bitcoin.
The message demands that the payment be made within 72 hours - although the crooks behind the malware have now included a late payment option whereby the victim has the option to retrieve the files for a payment of 10 bitcoins after the initial deadline has passed.
Full read: Virus Bulletin Blog.
Block or prevent Cryptolocker ransomware attacks with CryptoPrevent
HitmanPro.Alert Review: Free Ransomware Protection & Browser Intrusion Detection Tool.
20th November 2013, 14:16 #2
(@Anand - Your first link under "Related reads" is broken)
This particular "ransomware" has been an issue for some time but have noticed several Department of Homeland Security's US-CERT Cyber Security Bulletin Vulnerability Summaries have mentioned it a lot recently.
Alert (TA13-309A) CyrptoLocker Ransomware Infections is frequently updated and provides a good prevention method - which is basically maintaining normal "practice safe computing" disciplines of keeping our operating systems and security programs updated, avoiding risky and "click happy" behavior, and of course, keeping a current backup of our data - things every users should be doing anyway.
I recommend anyone concerned about security (which should be everyone!) sign up for US-DHS' US-CERT alerts here. Through these alerts and summaries you can also learn of newly reported browser, OS, and other application vulnerabilities.
20th November 2013, 15:54 #3
Thanks Bill, corrected the links.