National Crime Agency of UK and CERT of USA issues alert on CryptoLocker ransomware

CryptoLocker is a particularly nasty piece of ransomware malware. Once it has infected a machine, it searches for files of any of 70-odd formats, including Word documents, PDFs and Excel spreadsheets - the kind of files no one wants to lose - and then starts to encrypt them using an RSA-2048 public key.

Once this has been done, the user is shown a message that demands a ransom payment for the decryption of the files. The ransom was US$300 in earlier versions of the malware, but has since increased to two bitcoins - the price of bitcoins continues to rise, and yesterday exceeded $500 for a single bitcoin.

The message demands that the payment be made within 72 hours - although the crooks behind the malware have now included a late payment option whereby the victim has the option to retrieve the files for a payment of 10 bitcoins after the initial deadline has passed.

Full read: Virus Bulletin Blog.

Related reads:
Block or prevent Cryptolocker ransomware attacks with CryptoPrevent
HitmanPro.Alert Review: Free Ransomware Protection & Browser Intrusion Detection Tool.

(@Anand - Your first link under "Related reads" is broken)

This particular "ransomware" has been an issue for some time but have noticed several Department of Homeland Security's US-CERT Cyber Security Bulletin Vulnerability Summaries have mentioned it a lot recently.

Alert (TA13-309A) CyrptoLocker Ransomware Infections is frequently updated and provides a good prevention method - which is basically maintaining normal "practice safe computing" disciplines of keeping our operating systems and security programs updated, avoiding risky and "click happy" behavior, and of course, keeping a current backup of our data - things every users should be doing anyway.

I recommend anyone concerned about security (which should be everyone!) sign up for US-DHS' US-CERT alerts here. Through these alerts and summaries you can also learn of newly reported browser, OS, and other application vulnerabilities.

Thanks Bill, corrected the links. :)