Malware locks your files forever, unless you pay ransom

malware image

In a world where information is the fulcrum that a successful business balances upon, it is crucial that a company’s data is protected from all potential threats. As technologies continue to evolve, so do the tools used to perpetrate cybercrimes; new and improved viruses and scams hit the streets on a daily basis.

Meet Cryptolocker, the new mean kid circulating around the malware block. Its designers are essentially holding individuals and businesses at gun point, demanding “your money or your files.”

This malicious virus uses a simple and effective method of propagation; a hidden executable masquerading as a harmless pdf or zip file attachment in an email. Unsuspecting victims click on the attachment which immediately launches the virus.

Cryptolocker is a form of ransomware called cryptoviral extortion where the files on an infected computer are all encrypted. This is different from other forms of ransomware that may freeze or affect the operating system of the affected machine.

“Even though it’s infected, your computer keeps working normally; you just can’t access any of your personal files. It’s scary, especially if you haven’t backed-up your data.”

Unfortunately, your onsite backup systems can also be compromised as the virus actively searches out network locations and encrypts them as well. Evidently, it’s becoming increasingly more important to have a secure, offsite backup solution.

Once the virus has achieved its malicious aims of encrypting all of the personal files on a computer, it launches its second phase; the demand to pay several hundred US dollars to the extortionists or lose your files for good, threatening to delete the only copy of the decrypt key, which is stored on their servers, after 96 hours.

“It’s the same type of encryption used in the commercial sector that’s approved by the federal government… If the crooks delete that encryption key, your files are gone forever – even the NSA can’t bring them back.”

Good anti-virus software can remove the malware from a computer, but it can’t decrypt the files. Once infected, the victim has two options; give in to the demands and pay the ransom, or restore files from uninfected backups. CyberSecure’s systems are immune to the Cryptolocker virus, plus we keep multiple additional backups of clients’ backups in case any client backup account is compromised.

Article by Cybersecure

Leave a reply

Your email address will not be published. Required fields are marked *