HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 14 MINUTES AGO.
You are here: Home / Network Security / CryptoLocker Ransomware Spreading
CryptoLocker Ransomware Spreading Rapidly
CryptoLocker Ransomware Spreading Rapidly
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
NOVEMBER
04
2013


Security firms started sounding the alarm earlier this year, but this nefarious cyber nemesis has only picked up momentum. CryptoLocker is spreading its ransomware wings and finding plenty of victims in its path.

But let’s take a step back. What is CryptoLocker? According to AppRiver, CryptoLocker belongs to a type of malware known as ransomware. If a victim is infected, the malware encrypts all files containing certain extensions with a locally stored 2048-bit RSA key and then again asymmetrically with a 256-bit AES encryption key it gets from its command-and-control server.

Once the encryption is completed, the malware displays a pop-up notice demanding the victim pay a ransom for the blocked files he is trying to view. The cost to unlock the files: $300 -- and there’s a time limit of about 100 hours to pay up.

Rapidly Spreading Ransomware

In the last 30 days, AppRiver’s spam filters quarantined 56.6 million e-mails that contained a virus as an attachment. And CryptoLocker is still the biggest piece of malware being trapped. This rate is an increase, for the fourth consecutive month, and is the highest total seen since March of 2012.

Troy Gill, senior security analyst of AppRiver, told us given the key arrests that were made involving the author of the Blackhole Toolkit -- and given the fact that its use was the most widespread -- its natural to assume that there’d be a decrease in malware. But that’s not been the case.

“Instead our intelligence confirms that the criminals that were using it simply jumped ship and moved on to a toolkit by the name of Magnitude and, very quickly, it was business as usual for them. It seems malware authors have major problems when it comes to customer loyalty,” Gill said.

Are You Backed Up?

Unlike some other forms of ransomware, CryptoLocker actually does encrypt the victim’s PC until payment is made. So far, Gill said, reports have stated that those who pay the ransom do in fact receive the promised encryption key and are returned access to their important files -- although there have also been multiple reports of those who have paid and have not received the keys.

“If you are especially worried about CryptoLocker, or if you know someone who is prone to infection, the best thing you can do, aside from not getting infected, is to create hard backups of important files,” Gill said. “This way if you become infected you can simply wipe your machine and start fresh. Without a plan B, you will be left with a difficult decision of either paying the attackers or losing your files.”

Indeed, Tom Cross, Lancope director of security research, said the unfortunate reality is that as far as we know at this time, files encrypted by CryptoLocker are as good as gone.

“Having a good backup solution is the key to protecting yourself against an attack like this, so that you can restore your computer to a state before it was infected,” he said. “It's also important to keep antivirus software up to date. Many CryptoLocker infections are happening to computers that were already infected with another malware. A recent study by Microsoft concluded that you are five times more likely to be infected with malware if you aren't using anti-virus software.”

Tell Us What You Think
Comment:

Name:

CryptoLocker News Channel:
Posted: 2013-11-28 @ 3:50pm PT
Wow this is crazy! I've dedicated my time to follow CryptoLocker.
youtube.com/CryptoLocker

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
ISACA® offers a global community of more than 115,000 IS/IT constituents in over 180 countries. We develop and deliver industry-leading certifications, education, research and business frameworks. We equip individuals to be leaders in the fast-changing world of information systems and IT - Learn More>
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
The FBI is pointing the finger of blame for the Sony Pictures cyberattack directly at North Korea. The hackers stole confidential data and caused the movie giant to can its new comic film, "The Interview."

ENTERPRISE HARDWARE SPOTLIGHT
Remember the classic BlackBerry that took the cell phone market by storm in its heyday? Well, it’s retro time at the Canadian handset maker as it rolls out the aptly-named BlackBerry Classic.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.