Like Tree1Likes
  • 1 Post By Digerati

Thread: National Crime Agency of UK and CERT of USA issues alert on CryptoLocker ransomware

  1. #1
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,430

    Default National Crime Agency of UK and CERT of USA issues alert on CryptoLocker ransomware

    CryptoLocker is a particularly nasty piece of ransomware malware. Once it has infected a machine, it searches for files of any of 70-odd formats, including Word documents, PDFs and Excel spreadsheets - the kind of files no one wants to lose - and then starts to encrypt them using an RSA-2048 public key.

    Once this has been done, the user is shown a message that demands a ransom payment for the decryption of the files. The ransom was US$300 in earlier versions of the malware, but has since increased to two bitcoins - the price of bitcoins continues to rise, and yesterday exceeded $500 for a single bitcoin.

    The message demands that the payment be made within 72 hours - although the crooks behind the malware have now included a late payment option whereby the victim has the option to retrieve the files for a payment of 10 bitcoins after the initial deadline has passed.

    Full read: Virus Bulletin Blog.

    Related reads:
    Block or prevent Cryptolocker ransomware attacks with CryptoPrevent
    HitmanPro.Alert Review: Free Ransomware Protection & Browser Intrusion Detection Tool.

  2. #2
    Digerati's Avatar
    Digerati is offline Windows Enthusiast
    Join Date
    Apr 2010
    Location
    Nebraska, USA
    Posts
    95

    Default

    (@Anand - Your first link under "Related reads" is broken)

    This particular "ransomware" has been an issue for some time but have noticed several Department of Homeland Security's US-CERT Cyber Security Bulletin Vulnerability Summaries have mentioned it a lot recently.

    Alert (TA13-309A) CyrptoLocker Ransomware Infections is frequently updated and provides a good prevention method - which is basically maintaining normal "practice safe computing" disciplines of keeping our operating systems and security programs updated, avoiding risky and "click happy" behavior, and of course, keeping a current backup of our data - things every users should be doing anyway.

    I recommend anyone concerned about security (which should be everyone!) sign up for US-DHS' US-CERT alerts here. Through these alerts and summaries you can also learn of newly reported browser, OS, and other application vulnerabilities.
    HappyAndyK likes this.

  3. #3
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,430

    Default

    Thanks Bill, corrected the links.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Log in

Log in

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22