In the past month several antivirus companies have discovered a new ransomware variant known as Cryptolocker. Ransomware is a type of malware on the rise that holds your precious files hostage for money.
It does that by searching your computer and shares for popular file extensions and encrypts them preventing you from accessing them ever again unless you pay up.
This type of ransomware does not spread to other PC’s or replicate by itself. This program needs your interaction to do its evil work. Ransomware needs you to launch the program on your PC. Of course, like phishing scams, It does this by trying to trick you into opening up some random attachment from a random email.
This attachment (could be a picture, zip file or other) contains the simple script to get it started doing its havoc on your PC.
If your PC gets infected then your files will more then likely be encrypted shortly after and will not be able to access them. It is impossible to decrypt the files without the private key. If you see the dreaded “Your personal files are encrypted!” message, stay calm and think if you have your files backed up somewhere. If you try to access the files and get denied access message, they have been encrypted.
If absolutely necessary, you may need to pay the $300 and obtain the “private key” to decrypt your files.
A Couple Tips.
If you receive any email with an attachment or link and you think it is “phishy” for whatever reason, delete it, as its not worth it. That’s why these attacks are called phishing attacks as they lure you in by sending tempting emails that have a random picture attached with text that says “did you see this?”.
You can download the free version of Malwarebytes that can remove the Cryptolocker from your PC. If you haven’t been infected yet make sure your anti-virus is up-to-date or better yet download and use the Malwarebytes Pro version since $25 bucks is better then $300.
The pro version prevents this and other ransomware copy cats from ever occurring in the first place. That is a good deal if your one of those users that can’t resist the “check this out” email that comes through occasionally and have important files.
Another good preventive measure is to backup your files to a external media (CD/DVD or large USB drive) or even cloud based (Google Drive, Microsoft SkyDrive etc…) Then you could simply run Malwarebytes to remove this ransomware and replace the encrypted files with your backed up files.
Have you been infected by this or a similar ransomware? If so I would be interested to hear how you handled it. Please leave your comment below.