With new malware, you have to pay to get your file
Joined: Mar 19 2012
Posted: Nov 06 2013 at 12:00pm
Watch out more than ever when opening e-mail attachments
CryptoLocker, a nasty new piece of malicious software, is infecting computers worldwide—encrypting important files and demanding a ransom to unlock them.
According to global digital security company Sophos, the malware has been hitting pretty hard for the past six weeks or so.
systematically hunts down every one of your personal files—documents, databases, spreadsheets, photos, videos and music collections—and encrypts them with military-grade encryption, and only the crooks can open it," said Chester Wisniewski, a senior security advisor at Sophos.
Your computer, even though it's infected, keeps working normally; you just can't access any of your personal files. It's scary, especially if you haven't backed up your data.
"Cybercrime is evolving as the bad guys get smarter and use newer technologies," said Michael Kaiser, executive director of the National Cyber Security Alliance. "They're always looking for new ways to steal your money."
CryptoLocker is different from other types of "ransomware" that have been around for many years and that freeze your computer and demand payment. Those can usually be removed, restoring your access to files and documents.
But CryptoLocker encrypts your files. There's only one decryption key, and the bad guys have that on their server. Unless you pay the ransom within three days, that key will be destroyed. And as the message from the extortionists says, "After that, nobody and never will be able to restore files. …"
The typical extortion payment is $300 or 300 euros paid by Green Dot MoneyPak, or for the more tech-savvy, two bitcoins, currently worth about $400.
To instill a sense of urgency, a digital clock on the screen counts down from 72 hours so you can see how much time is left before that unique decryption key is destroyed.
One victim described his anguish in an online post: "The virus cleverly targeted … all of our family photos, including all photos of my children growing up over the last 8 years. I have a distraught wife who blames me!"
This sophisticated malware is delivered the old-fashioned way: an executable file hidden inside an attachment that looks like an ordinary ZIP file or PDF. One small business reports being compromised after clicking on an email attachment that was designed to look like a shipping invoice from the U.S. Postal Service.
Open that file and bad things start to happen, although it may take several days for the ransom demand to appear on your screen after the machine is infected.
"The author ... is a genius. Evil genius, but genius none the less," an IT professional commented in an online tech forum. Another wrote, "This thing is nasty and has the potential to do enormous amounts of damage worldwide."
Good anti-virus software can remove CryptoLocker from your computer but cannot undo the damage—the encryption is that good.
"It's the same type of encryption used in the commercial sector that's approved by the federal government," Wisniewski told me. "If the crooks delete that encryption key, your files are gone forever. Even the NSA can't bring them back."
Victims large and small
The cybercrooks are targeting both businesses and individual users—anyone who will pay to regain access to their files.
The CryptoLocker forum on BleepingComputer.com is filled with page after page of horror stories. Here is a small sample:
Of course, there's no guarantee of a happy ending even if you pay the ransom. And then there's the bigger issue: By paying, you're helping to fund a criminal operation.
"It encourages them to continue," said Howard Schmidt, former White House cybersecurity advisor and a co-founder of Ridge-Schmidt Cyber. "As people pay the ransom, the bad guys have the money to reinvest."
How to protect yourself
Go on the Internet and there's no way to be sure malware won't make it onto your computer—even if you follow all the rules of safe computing. So you need to act defensively, and that means regular backups.
"Back up, back up, back up," Schmidt said. "That's the only way to reduce the risk of losing your files forever."
If you have a recent backup, you can recover from CryptoLocker without serious consequences. That backup should be a snapshot of everything on your system rather than a simple synchronization, as happens with most automated external hard drives and many cloud-based services.
With synchronized backups, stored files that have changed on the master drive are overwritten with the new ones. If a malicious program encrypts your master files, those backups would also be encrypted and thus useless. Your backup should be disconnected from your computer until the next time you need to access it.
—By CNBC contributor Herb Weisbaum.
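The difference between a synchronized copy and a snapshot backup described in the article, shown as an added example that is not part of the original post. The directory names, the sample file and the `sync_backup`/`snapshot_backup` helpers are constructed for illustration, and the malware's effect is simulated by overwriting a sample file's bytes.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def digest(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def sync_backup(src: Path, mirror: Path) -> None:
    """Synchronization: the mirror only ever holds the latest copy of each file."""
    for f in src.rglob("*"):
        if f.is_file():
            target = mirror / f.relative_to(src)
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(f, target)  # overwrites the previous version


def snapshot_backup(src: Path, store: Path, label: str) -> Path:
    """Snapshot: each run writes a new directory; older snapshots are never touched."""
    snap = store / label
    shutil.copytree(src, snap)  # raises FileExistsError if the label is reused
    return snap


def demo() -> dict:
    """Return, per backup copy, whether it still holds the original file contents."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        docs, mirror, store = root / "docs", root / "mirror", root / "snaps"
        docs.mkdir()
        photo = docs / "photo.jpg"
        photo.write_bytes(b"original family photo (constructed sample)")
        good = digest(photo)
        # Day 1: both backup styles run while the file is still healthy.
        sync_backup(docs, mirror)
        snapshot_backup(docs, store, "day1")
        # Constructed stand-in for the malware rewriting the file in place.
        photo.write_bytes(b"\x00unreadable bytes (constructed sample)")
        # Day 2: the scheduled backups run again before anyone notices.
        sync_backup(docs, mirror)
        snapshot_backup(docs, store, "day2")
        copies = {"mirror": mirror, "day1": store / "day1", "day2": store / "day2"}
        return {name: digest(p / "photo.jpg") == good for name, p in copies.items()}


if __name__ == "__main__":
    print(demo())
```

Only the `day1` snapshot still matches the original hash; the mirror and the later snapshot both carry the overwritten file, which is why the retained, disconnected older snapshot is the one that allows recovery.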