There’s a New Outlaw in Town, Cryptolocker – THDP3

 

cryptolocker3   I think today’s podcast is the most important one we have recorded.  I didn’t realize until last week that there are many people out there that don’t have the slightest notion of the dangers facing them on the Internet.  These dangers are just the sort of thing I want to cover with this podcast.  So far we have podcasts coming up covering Social Engineering, How you can protect yourself while online, and more editions of our Backup and Restore podcast series.  Your feedback and input would be greatly appreciated.  You can email us at feedback@thehelpdeskpodcast.com or you could leave us a 3 minute voicemail with SpeakPipe located on the right side of our webpage.

Up to this point I am including this podcast and the entire corresponding blog on our website.  I (so far anyway) like this better than an outline of subjects covered in the podcast with links to their websites.  If you have noticed….I have been providing links to everything as it is mentioned in the blog.  Tell me what you think one way or another.  If need be, I can adapt.

Today we celebrate a little.  I finally submitted this podcast to iTunes today.  Submissions to other podcast directories will follow soon, very soon.  So….wow!!  Now I can concentrate on the podcasts and not having to worry about whether I am going to perfect the website today or not.  BTW, our podcast is located at http://thehelpdeskpodcast.com.

And finally, we at IT Solutions-MI, LLC would like to wish everybody a wonderful Holiday season.  I personally have much to be thankful for this year.  There is a special short “end of the year podcast” in the works  that will be published shortly.  I look forward to finishing that.  BTW, Merry Christmas.

Ok, now for our episode:

cryptolocker5   There’s a new criminal in town…..and its out to get your money. It’s name is Cryptolocker and it’s a new piece of ransomware.  What is ransomware…..dare I say “The FBI Virus”? Ransomware is a class of malware cuts off your access to your computer, and demands you pay a ransom to the hackers responsible for infecting your machine in order to get your data back.   Sometimes ransomware will encrypt files on your hard drive, and sometimes it might just lock your system and display messages intending to talk you in to paying.

Crpyptolocker will gain access to your computer (typically) through an email. It enters as a Trojan and acts like a computer worm that sits  in an executable file waiting for you to click it.  When you click on the link, the trojan is loaded. The program will then begin to encrypt the personal files on your hard drive. It won’t stop there though, it will attach itself to any and all drives connected to your computer.  It will seek out your hard drive, flashdrives that are plugged in, external hard drives plugged into your computer.  It won’t stop there….it will attach itself to any drive connected to your computer through your network also.  It will then encrypt your data and before you know it……you get a ransom note email (hence the name). The ransom note will tell you that it can decrypt your data for $300. And the worst thing of all…. as near as I can tell, this is an equal opportunity virus. It attacks Macs too.

cryptolocker   According to the Inquirer (of London), Dell Computers has stated that cryptolocker has so far has infected 250,00 computers and stealing nearly a million dollars in Bitcoins (about 600,000 pounds).  Apparently the hackers responsible seem to be targeting American businesses so far.

How does your computer catch it?  Through something called social engineering.  Wikipedia defines Social Engineering as “a psychological manipulation of people into performing actions or divulging confidential information.”  A con game.  The method of delivery for Cryptolocker can be in the form of an attachment to a phishing message such as an email from Xerox trying to deliver a PDF.   Another delivery method might be as an email from what looks like PayPal or a bank urging you to click to a link.  It might look like a PDF but it’s actually an executable file that will launch the virus.

I have received numerous emails similar to that in my inbox.  At the time I could have had no idea that they were associated with Cryptolocker.  All the emails in the world such as that would not amount to anything because there is no way I would ever open such an email.  If we assumed that such an email was opened, Cryptolocker would systematically encrypt all documents that were stored on your local computer, as well as ones that are stored on mapped network drives and mounted removable storage.

True to its name (ransomware) this malware email will give you 72 hours to pay the $300.  After that deadline the key is gone and so is your data.

Once again, as near as I can tell this is an equal opportunity virus because it also attacks Macs.  I’m sure we will be covering this piece of work again and in more detail at a later date.  Consider yourself warned.

I have included the links to my resources for this blog below:

The TechGuy Labs – Beware of the cryptolocker virus

MakeUseOf.com – Cryptolocker is the Nastiest Malware ever, Here’s What You Can Do

ComputerWorld – CryptoLocker – How to Avoid Getting Infected and What to do if You Are, article 9243537

The Inquirer – Cryptolocker ransomware has infected quarter of a million systems since September

Wikipedia – Cryptolocker

Wikipedia – Socia Engineering (security)

Wikipedia – Ransomware (malware)

Leave a Reply

Your email address will not be published. Required fields are marked *