DANGER! DANGER! DANGER!
Beware of a new, particularly pernicious virus: CryptoLocker
There is currently no antivirus software that can prevent a CryptoLocker infection, and there’s no clean-up tool as yet.
Online attackers are using encryption to lock up our files and demand a ransom — and AV software probably won’t protect you. It’s already hit many consumers and small businesses.
The first sign that you have been infected with CryptoLocker is when you see a red banner like the one below, warning that your files are now encrypted — and if you send money to a given email address, access to your files will be restored to you.
The other sign you’ve been hit is that you can no longer open Microsoft Office files, database files, and most other common documents on your system. When you try to do so, you get another warning, such as “Excel cannot open the file [filename] because the file format or file extension is not valid”.
Remember that antivirus software probably won’t prevent a CryptoLocker infection. In every case so far the PC owner had an up-to-date antivirus application installed. Moreover, running Windows without administrator rights does not stop or limit this virus. It uses social engineering techniques — and a good bit of fear, uncertainty, and doubt — to trick users into clicking a malicious download or opening a bogus attachment.
CryptoLocker attacks typically come in three ways:
1) Via an email attachment. For example, you receive an email from a shipping company you do business with. Attached to the email is a .zip file. Opening the attachment launches a virus that finds and encrypts all files you have access to — including those located on any attached drives or mapped network drives.
2) You browse a malicious website that exploits vulnerabilities in an out-of-date version of Java.
3) Most recently, you’re tricked into downloading a malicious video driver or codec file.
There are no patches to undo CryptoLocker and, as yet, there’s no clean-up tool — the only sure way to get your files back is to restore them from a backup.
Some users have paid the ransom and, surprisingly, were given the keys to their data; however, this is obviously a risky option. But if it’s the only way you might get your data restored, use a prepaid debit card — not your personal credit card. You don’t want to add the insult of identity theft to the injury of data loss.
Your best prevention is to ensure you keep complete and recent backups of your system ready to restore if you are infected.
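The "file format or file extension is not valid" error described above means a file's contents no longer match its type, so one way to see which documents in a folder or backup are affected is to compare each file's first bytes with the signature its extension implies. This is an added example, not part of the original warning; it assumes an encrypted file no longer starts with its format's signature, and the function names and sample files are constructed for illustration.

```python
import tempfile
from pathlib import Path

# Leading bytes ("magic numbers") of common document formats.
ZIP = b"PK\x03\x04"                        # .docx/.xlsx/.pptx are ZIP containers
OLE = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy .doc/.xls/.ppt
SIGNATURES = {
    ".docx": ZIP, ".xlsx": ZIP, ".pptx": ZIP,
    ".doc": OLE, ".xls": OLE, ".ppt": OLE,
    ".pdf": b"%PDF-", ".png": b"\x89PNG\r\n\x1a\n", ".jpg": b"\xff\xd8\xff",
}

def check_file(path):
    """Return 'ok', 'mismatch', or 'skipped' (unknown extension or empty file)."""
    expected = SIGNATURES.get(Path(path).suffix.lower())
    if expected is None:
        return "skipped"
    with open(path, "rb") as fh:
        head = fh.read(len(expected))
    if not head:
        return "skipped"
    return "ok" if head == expected else "mismatch"

def scan_tree(root):
    """Walk root; return (number of files checked, sorted mismatching paths)."""
    checked, bad = 0, []
    for path in sorted(Path(root).rglob("*")):
        try:
            result = check_file(path) if path.is_file() else "skipped"
        except OSError:
            continue  # unreadable file: skip it and keep scanning
        if result != "skipped":
            checked += 1
            if result == "mismatch":
                bad.append(str(path))
    return checked, bad

def demo():
    """Scan a constructed sample folder: two intact files, one scrambled."""
    with tempfile.TemporaryDirectory() as root:
        samples = {  # constructed sample data, not real documents
            "budget.xlsx": ZIP + b"constructed sample",
            "letter.doc": OLE + b"constructed sample",
            "invoice.pdf": b"\x8f\x1c\x02\xa7 constructed: no PDF header",
        }
        for name, data in samples.items():
            Path(root, name).write_bytes(data)
        checked, bad = scan_tree(root)
        return checked, [Path(p).name for p in bad]
```

Running `scan_tree()` on a backup folder before restoring from it shows whether that backup was taken after the files were already encrypted.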
I asked a mate of mine who specializes in removing viruses etc. This is what he replied:
YEAH IT IS REAL
But as long as you don’t download the software and have good antivirus and are diligent then you will be okay … I am doing one now for a person. It is called the Australian Federal Police warning and his files are locked until he pays … I am working through it … it is tough.
Just don’t open emails you don’t know or that look suspicious, as they are sent that way also.