What happens if my computer is infected?Īccording to Kaspersky, once infected, the ransomware-interface displays a countdown clock of three days, warning users that if time elapses, the private decryption key will be deleted forever, and there will be no way to recover the encrypted files.Īt this point, users have two choices: 1) pay the ransom and hope the attackers make good on their “promise”or 2) recover their data from backups. Both threats are motivated by monetary gains that cybercriminals can make from extorting money from victims. The difference between Ransomlock and Cryptolocker Trojans is that Ransomlock Trojans generally lock computer screens while Cryptolocker Trojans encrypt and lock individual files. What’s the difference between Ransomware and Cryptolocker? (This Q&A comes direct from Symantec) Where and who is Cryptolocker targeting?Īccording to Kaspersky’s Costin Raiu, this malware primarily targets users from US and UK, with India, Canada, Australia and France being second-tier targets. Bitcon is an open source peer-to-peer payment network. What is known is that attackers demand a ransom payment in a number of different payment methods, including Bitcoin, that allows them to stay anonymous. This is a difficult question to answer as it appear there may be a few different cyber-attack groups using CryptoLocker at the moment. The attachments may look like legitimate emails, so it is important to remind users not to click on any email links if they do not know the sender. As of this time, the US-CERT says the primary means of infection appears to be phishing emails containing malicious attachments. Thankfully in these cases the clients had the appropriate backup systems in place and were able to restore the files to the pre-infection state. If a company becomes infected and does not have their files backed up the files may be lost.Īt Eze Castle Integation we have had clients become infected. Some versions of Cryptolocker can encrypt local files as well as external hard drives, network file shares and even cloud storage services that allow local folders to sync with online storage.
What is Cryptolocker?Ĭryptolocker is a new variant of ransomware that restricts access to infected computers by encrypting them and demanding that the victim pay the attackers a ransom in order to decrypt and recover their files. Questions abounded about this new evolution in malware so today’s post aims to address the who, what, when and where of Cryptolocker as well as a few other common Qs. At last week’s Hedge Fund Launch 2.0 seminar, the topic of the malicious Cryptolocker malware that is circulating was highlighted as a wakeup call for why backup and security are nonnegotiable IT components.