Beware of “Cryptolocker”

October 21, 2013

No, it’s not a Halloween ghoul or goblin; it’s much worse than this! Cryptolocker is a new form of malicious ransomware. If Cryptolocker gains access to your PC, you risk losing all of your personal or business-related files, permanently. The ransomware is spread through phishing attacks that use infected emails and websites. Recently, security firms have reported a surge in affected computers. This form of malware is rising fast, with commercial organizations as the primary target.

How Does Cryptolocker Work?

Cryptolocker encrypts your files using asymmetric encryption, which requires a private and a public key. The public key is used to encrypt and verify data, and the private key is used to decrypt. When Cryptolocker infects a computer via email, the email doesn’t appear in the junk email folder. The email appears genuine, with no spelling mistakes, and comes from a convincing email address. When the email is opened, the Cryptolocker software encrypts your data. A private key to unlock the data is stored on the cybercriminal’s server. In order to receive it, you must pay $300 USD to the cybercriminal within the instructed time limit. If the payment isn’t received within the time limit, the private key is destroyed, and your files are deleted forever.

While you can’t open, view, or read your files, cybercriminals with the decryption key can. Any of your documents containing personal information or passwords, along with your videos and photos, could be accessed by the cybercriminals. While there’s currently no evidence of encrypted files being uploaded or sold, it’s definitely a possibility.

What Files Are Commonly Targeted?

The targeted files are commonly found on most PCs. Targeted file extensions include:

accdb, 3fr, ai, arw, cdr, bay, cer, cr2, crt, crw, dbf, der, dcr, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx

What To Do?

If you are infected, call Integris right away at (888) 330-8808 and we can help you.  Do not pay any money.

Sometimes, it’s possible to recover previous versions of the encrypted files, simply by using System Restore or other recovery software. But if you haven’t got a reliable backup and your computer becomes infected with Cryptolocker, chances are, you’re never going to see your files again. In addition, if your backup device was connected to your computer, your files may not be recoverable. Similarly, all the files in shared network drives connected at the time of the infection could also become encrypted.  Always ensure you have a separate backup that is protected and disconnected from your network drive, so you can recover your data.

To be proactive rather than reactive, follow this advice:

  • Keep Antivirus Software Active and Up to Date
  • Stay Patched by using Up-to-Date Operating Systems and Software
  • Avoid Opening Unexpected Attachments from Unknown Sources
  • Make Regular Backups Stored in Safe Places
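
One way to check the backup advice above against the file types listed on this page, as an added example (not Integris's own code). The names `audit_backup` and `demo`, the assumption that the backup mirrors the source folder's relative paths, and the sample files are all constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Extensions copied from the list on this page.
TARGETED = set("""
accdb 3fr ai arw cdr bay cer cr2 crt crw dbf der dcr dng doc docm docx dwg dxf
dxg eps erf indd jpe jpg kdc mdb mdf mef mrw nef nrw odb odm odp ods odt orf
p12 p7b p7c pdd pef pem pfx ppt pptm pptx psd pst ptx r3d raf raw rtf rw2 rwl
srf srw wb2 wpd wps xlk xls xlsb xlsm xlsx
""".split())

def _digest(path):  # SHA-256, read in 1 MiB chunks so large files are fine
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def audit_backup(source_root, backup_root):
    """Compare every at-risk file under source_root with its backup copy."""
    source_root, backup_root = Path(source_root), Path(backup_root)
    report = {"ok": [], "missing": [], "differs": []}
    for src in sorted(source_root.rglob("*")):
        if not src.is_file() or src.suffix.lower().lstrip(".") not in TARGETED:
            continue  # only extensions from the page's list are checked
        rel = src.relative_to(source_root)
        copy = backup_root / rel
        # "differs" means the backup is stale or the original has been altered.
        status = ("missing" if not copy.is_file() else
                  "ok" if _digest(src) == _digest(copy) else "differs")
        report[status].append(rel.as_posix())
    return report

def demo():
    """Constructed sample: one current copy, one stale copy, one never backed up."""
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        for root, files in ((live, {"budget.xlsx": b"v2", "photos/cat.JPG": b"img",
                                    "mail.pst": b"box", "notes.txt": b"skip"}),
                            (backup, {"budget.xlsx": b"v1", "photos/cat.JPG": b"img"})):
            for rel, data in files.items():
                (root / rel).parent.mkdir(parents=True, exist_ok=True)
                (root / rel).write_bytes(data)
        return audit_backup(live, backup)

if __name__ == "__main__":
    print(demo())
```

Attach the backup only for the duration of the check, since a backup device left connected can be encrypted along with the PC.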

Contact your IT Managed Services team at Integris for more information on how to protect your files from Cryptolocker and other Malicious Software.  Call us today at (888) 330-8808 or email us at [email protected].
