Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘CryptoLocker’
June 17th, 2014

AVAST kills Android ransomware with new app

avast! Ransomware Removal app eliminates Android ransomware and unlocks encrypted files, for free!

ransomware-removal-suitcase

Ransomware, the terror of Windows that locks computers, encrypts the files, then demands a hefty payment to unlock them, has made its way to Android smartphones.

“The ransomware problem is growing like hell – and it’s no longer just threatening users – the new versions actually do encrypt your files,” said Ondrej Vlcek, Chief Operating Officer at AVAST Software.

AVAST Software just released a new app called avast! Ransomware Removal that will eliminate the malware from an infected device. Get it free for your Android smartphone and tablet from the Google Play Store.

avast! Ransomware Removal will tell you if your phone has ransomware on it. If you are infected, it will eliminate the malware. Android users who are clean, can use the free app to prevent an infection from happening.

This short video shows you what actually happens when ransomware infects your Android smartphone.

The next wave of attacks

Savvy malware writers know where the next round of victims can be found. With Android at a whopping 80% worldwide market share, as well as “billions” of remaining mobile subscribers ready to upgrade to smartphones, the targets are numerous.

After detecting the massive growth of ransomware on PCs, this spring AVAST Virus Lab researchers saw the malware migrating to the Android platform. Analysts identified fake government mobile malware, and early this month a new ransomware called SimplLocker proved to be successful. This proof-of-concept worked so well encrypting photos, videos, and documents stored on smartphones and tablets, that the Virus Lab immediately ordered a tool from our mobile development team to combat it - avast! Ransomware Removal.

SimplLocker blocks access to files contained on mobile devices. Without our free ransomware-removal tool, infected users have to pay $21 to regain access to their personal files,” said Vlcek. “SimplLocker is the first ransomware that actually encrypts these files, so we developed a free tool for people to restore them.”

Find. Kill. Prevent.

Install avast! Ransomware Removal to find out if your Android devices are infected and to get rid of an infection. Anyone infected by SimplLocker, Cryptolocker, or any other type of ransomware can download the free avast! Ransomware Removal tool, and then install the app remotely on the infected device. Once installed, you can easily launch the app to scan the device, remove the virus, and then decrypt your hijacked files.

To keep your devices protected from Cryptolocker, SimplLocker, and other ransomware, make sure to also install avast! Free Mobile Security & Antivirus from the Google Play store. It can detect and remove the malware before it is deployed.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

 

June 4th, 2014

How to protect yourself from the coming virus apocalypse

After the takedown of a major botnet, users have a “two-week window” to protect themselves against a powerful computer attack that ransoms people’s data and steals millions of dollars from unsuspecting victims. 

Zeus_Banner_blhd01
If you read our blog, you are familiar with the dangers of the Zeus Trojan and ransomware, and how people get infected. Here’s a quick review:

1. The victim opens a carefully crafted email which is designed to look like it came from their bank or a well-known company.
2. The victim clicks on and runs an email attachment.
3. Malicious software like the one making the news now, Gameover Zeus, releases a Trojan which searches the computer for passwords and financial data.
4. Once Gameover Zeus finds what it’s seeking, cybercrooks instruct CryptoLocker, ransomware software, to hijack the computer, encrypt the files, and demand payment for it to be unlocked. To get access to your computer again, you must pay a ransom within a set amount of time.
5. Once infected, the computer becomes part of the global botnet.

The good news

Led by the FBI, agents from Europol and the UK’s National Crime Agency (NCA) brought two computer networks that used the Gameover Zeus botnet and Cryptolocker ransomware to infect up to a million computers and cost people more than $100 million under control of the good guys.

The bad news

As we explained in our blog post yesterday, GameOver Zeus May not be as Over as You Think, cybercrooks could conceivably build another botnet to replace the ones that were shut down.

Why the two-week window?

This window is based on the amount of time the FBI thinks they can ”hold the upper-ground against the cybercriminals.” Two weeks should be enough time for computer users to update their operating system software and security software and disconnect infected computers.

Steps to take now to protect your computer

Read more…

Comments off
June 3rd, 2014

GameOver Zeus May not be as Over as You Think

The FBI, along with the Department of Justice, announced a multinational effort on their website that has disrupted a botnet called GameOver Zeus. GameOver Zeus has infected millions of Internet users around the world and has stolen millions of dollars.

AVAST detects and protects its users from CryptoLocker and GOZeus.

Everyone should have up-to-date antivirus protection on their computer. AVAST detects and protects its users from CryptoLocker and GOZeus.

 

The UK’s National Crime Agency (NCA) has worked closely with the FBI to crack down on the GameOver Zeus botnet. The NCA has given infected users a two week window to get rid of the malware and those lucky enough to have thus far been spared, the opportunity to safeguard themselves against future attacks. The two week window is an estimation on how long it will take cybercriminals to build a new botnet. The FBI has stated on their website that GameOver’s botnet is different from earlier Zeus variants in that the command and control infrastructure communicates peer-to-peer, rather than from centralized servers. This means that any infected computer can communicate controls to other infected devices. If cybercriminals build a new botnet, which will likely happen, the new botnet can resurrect dormant infected machines and continue to infect new users while stealing financial and personal information from innocent victims.

Do you really have two weeks, and what should you do?

Who knows how long it may take for a new botnet to emerge; it could appear tomorrow or in two weeks. People should not take this threat lightly and should act immediately. Read more…

January 24th, 2014

Ransomware worse than CryptoLocker?

The name CryptoLocker makes the hairs on the back of our neck stand up, and now researchers tell us that something worse may be coming.
ransomware

You recall that CryptoLocker locks up users’ machines, encrypts the files, then demands a payment to unlock the encrypted files. Even if the actual malware is removed, the data remains unavailable.

“There’s mostly no way to get the data back without paying the ransom and that’s the reason why bad guys focus on this scheme as it generates huge profit, “ said  Jiri Sejtko, Director of AVAST Software’s Virus Lab Operations.

There is new evidence that another more insidious version of ransomware could be coming. Underground hacker forums have seen advertisements for a new DIY ransomware tool-kit dubbed Prison Locker or PowerLocker available, along with convenient tutorials, for a $100 license fee. A blog post on Malware Must Die, an online crime fighting group, gives the details.

Read more…

Categories: General Tags: ,
Comments off
November 19th, 2013

Can avast! protect me against CryptoLocker?

howto2_enQuestion of the week: I have read frightening stories about CryptoLocker locking computers. I don’t have $200 to pay blackmailers for my own files. How do I protect myself from getting attacked? Does avast! protect from CryptoLocker?

 

“Avast! Antivirus detects all known variants of CryptoLocker thanks to our automated processing and CommunityIQ,” said Pavel Sramek, researcher and analyst for the avast! Virus Lab. “There are less than a dozen; this doesn’t seem to be a case of rapidly mutating malware.”

CryptoLocker EN

 

 

 

 

 

 

 

 

 

 

What is CryptoLocker?

CryptoLocker is malware known as “ransomware” that encrypts files on a victim’s Windows-based PC. This includes pictures, movie and music files, documents, and certain files on local or networked storage media. A ransom, paid via Bitcoin or MoneyPak, is demanded as payment to receive a key that unlocks  the encrypted files. The victim has 72 hours to pay about $200; after that the ransom rises to over $2,200.

How to get CryptoLocker?

The CryptoLocker virus is often attached as an executable file disguised as a PDF attachment to an official-looking “spoofed” email message which claims to come from banks, UPS or FedEx claiming to be a tracking notification. When someone opens the email, they are asked to download a Zip file that contains an executable file (.exe) that unleashes the virus.  There is also evidence that CryptoLocker started with infections from the ZeuS or Zbot banking Trojan and is being circulated via botnets to download and install CryptoLocker.

How to protect your computer from CryptoLocker?

AVAST users should be safe from infection during the short period when the malware is new and “undetected” as long as AutoSandbox and DeepScreen are active. “The infection is prevented by means of a dynamic detection,” said Sramek.

“We also automatically add detections for each new sample that passes our backend filters,” said Jiri Sejtko, Sramek’s colleague in the avast! Virus Lab.

“Against future threats like this, having a backup is always a good idea – who knows when CryptoLocker v2.0 will be released, and every antivirus solution is reactive by nature,” said Sramek. “The encryption used is virtually unbreakable, there is zero chance of recovering files after infection.”

Avast! BackUp is an online backup and recovery service that allows you to select sets of data or individual files you want to back up. Try avast! BackUp free for 30 days; after that you can choose a subscription based on your storage needs.

Read the warning issued to American computer users from US-CERT, and the warning to British users from NCA’s National Cyber Crime Unit.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.