You recall that CryptoLocker locks up users’ machines, encrypts the files, then demands a payment to unlock the encrypted files. Even if the actual malware is removed, the data remains unavailable.
“There’s mostly no way to get the data back without paying the ransom and that’s the reason why bad guys focus on this scheme as it generates huge profit, “ said Jiri Sejtko, Director of AVAST Software’s Virus Lab Operations.
There is new evidence that another more insidious version of ransomware could be coming. Underground hacker forums have seen advertisements for a new DIY ransomware tool-kit dubbed Prison Locker or PowerLocker available, along with convenient tutorials, for a $100 license fee. A blog post on Malware Must Die, an online crime fighting group, gives the details.
Question of the week: I have read frightening stories about CryptoLocker locking computers. I don’t have $200 to pay blackmailers for my own files. How do I protect myself from getting attacked? Does avast! protect from CryptoLocker?
“Avast! Antivirus detects all known variants of CryptoLocker thanks to our automated processing and CommunityIQ,” said Pavel Sramek, researcher and analyst for the avast! Virus Lab. “There are less than a dozen; this doesn’t seem to be a case of rapidly mutating malware.”
What is CryptoLocker?
CryptoLocker is malware known as “ransomware” that encrypts files on a victim’s Windows-based PC. This includes pictures, movie and music files, documents, and certain files on local or networked storage media. A ransom, paid via Bitcoin or MoneyPak, is demanded as payment to receive a key that unlocks the encrypted files. The victim has 72 hours to pay about $200; after that the ransom rises to over $2,200.
How to get CryptoLocker?
The CryptoLocker virus is often attached as an executable file disguised as a PDF attachment to an official-looking “spoofed” email message which claims to come from banks, UPS or FedEx claiming to be a tracking notification. When someone opens the email, they are asked to download a Zip file that contains an executable file (.exe) that unleashes the virus. There is also evidence that CryptoLocker started with infections from the ZeuS or Zbot banking Trojan and is being circulated via botnets to download and install CryptoLocker.
How to protect your computer from CryptoLocker?
AVAST users should be safe from infection during the short period when the malware is new and “undetected” as long as AutoSandbox and DeepScreen are active. “The infection is prevented by means of a dynamic detection,” said Sramek.
“We also automatically add detections for each new sample that passes our backend filters,” said Jiri Sejtko, Sramek’s colleague in the avast! Virus Lab.
“Against future threats like this, having a backup is always a good idea – who knows when CryptoLocker v2.0 will be released, and every antivirus solution is reactive by nature,” said Sramek. “The encryption used is virtually unbreakable, there is zero chance of recovering files after infection.”
Avast! BackUp is an online backup and recovery service that allows you to select sets of data or individual files you want to back up. Try avast! BackUp free for 30 days; after that you can choose a subscription based on your storage needs.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.