A new virus is making its way around the world, and this one can really hit you where it hurts: your pocketbook. That’s right, this isn’t some amateur teen hacker looking to send mass emails from your computer or cause destruction. More likely, a group of professional hackers is behind Crypto Locker, and they are looking to strike it rich.
Crypto Locker infects computers through an email phishing scam pretending to be FedEx, UPS or some other innocent-looking company. When you click to open the attachment, which is an executable cleverly disguised as a PDF, JPG, Word or Excel doc, the virus will encrypt all of your files with encryption so secure the NSA won’t even be able to decrypt it. Once your files are encrypted, you will receive a notice informing you that your documents are not available to you until you pay a ransom of anywhere between $100 and $500. The attackers offer a multitude of anonymous payment methods and give you a specified amount of time to act before your decryption key is deleted, rendering your files unrecoverable.
The attackers seem to be offering multiple ways to pay using anonymous and online currencies such as bitcoin, GreenDot MoneyPak and others.
Back in 2008, a similar virus called GPCode was unleashed on the public. It used RSA keys to encrypt user data but was quickly cracked, allowing users to recover their data. Unfortunately, it is widely believed that Crypto Locker’s encryption is far superior to GPCode’s and a timely crack to free your data is unlikely.
As always, this blog piece is meant to be educational and not the be-all and end-all on ransomware or Crypto Locker in general. Please make sure your systems are completely backed up on a daily basis in order to prevent this type of virus from wreaking havoc on your computer and/or network. Financial Computer Systems (888-434-6443) offers a backup service called BackITUp that can help your organization stay ahead of the curve and preemptively protect your data in case of a worst-case scenario such as Crypto Locker. Whatever product you decide on, make sure you are protected. Also, if you receive an email with an attachment, DO NOT OPEN it unless you can verify 100% who it’s from. This is extremely important. Hope this helps!
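The disguised-attachment trick described above can also be checked for automatically on a mail gateway or in a mailbox scan. The following Python sketch is an added example, not part of the original post: it flags attachments whose name ends in an executable extension (optionally behind a document-looking one) or whose content starts with the Windows executable marker "MZ". The extension lists and the sample message are constructed assumptions.

```python
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed extension lists for illustration; adjust to local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs"}
DOCUMENT_EXTS = {".pdf", ".jpg", ".jpeg", ".doc", ".docx", ".xls", ".xlsx"}


def check_attachment(filename, payload):
    """Return the reasons an attachment looks like a disguised executable."""
    suffixes = [s.strip().lower() for s in PurePosixPath(filename).suffixes]
    last = suffixes[-1] if suffixes else ""
    reasons = []
    if last in EXECUTABLE_EXTS:
        reasons.append("executable extension " + last)
        if any(s in DOCUMENT_EXTS for s in suffixes[:-1]):
            reasons.append("document extension placed before it")
    # Windows executables begin with the bytes "MZ" whatever the name says.
    elif payload[:2] == b"MZ":
        reasons.append("Windows executable content behind " + (last or "no") + " extension")
    return reasons


def scan_message(msg):
    """Map each flagged attachment's filename to its list of reasons."""
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        reasons = check_attachment(name, part.get_payload(decode=True) or b"")
        if reasons:
            findings[name] = reasons
    return findings


def build_sample():
    """Constructed test message; every name and byte below is made up."""
    msg = EmailMessage()
    msg["Subject"] = "Your package could not be delivered"
    msg.set_content("Please see the attached shipping label.")
    for name, data in [("Shipping_Label.pdf.exe", b"MZ\x90\x00constructed"),
                       ("receipt.pdf", b"%PDF-1.4 constructed"),
                       ("photo.jpg", b"MZ\x90\x00constructed")]:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg


if __name__ == "__main__":
    for name, reasons in scan_message(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```

A check like this only catches the filename and file-header disguise; it does not replace backups or the advice above about verifying the sender.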
Keywords to know:
phishing – the act of attempting to acquire personal or private information such as birth dates, credit card numbers, social security numbers, usernames, passwords, etc. by posing as a known entity (bank, car company, shipping company, tech company, game company, etc.) that you are likely to deal with regularly.
executable – an application that automatically executes its instructions when opened.
encryption – a method of encoding messages or other information that isn’t easily decrypted (or readable) without a password or other secure key.
bitcoin – an online currency that functions without a central authority. A cryptocurrency that uses cryptography to prevent double-spending. Each bitcoin is worth approx. $207 USD as of Oct. 28th 2013.
ransomware – malware that restricts access to the computer system that it infects and demands a ransom paid to its creator in order to be removed.