WARNING! The 1 Thing We Must All DO NOW to Survive The World’s Nastiest Bug That’s Coming for Us All

WARNING! The 1 Thing We Must All DO NOW To Survive The World’s Nastiest Bug That’s Coming For Us All

Today I thought I’d share an entire newsletter that arrived in my inbox.

Why?

Cause it’s damn important.

CRYPTOLOCKER.

Remember the name.

Cryptolocker is new malware coming to a computer near you.

Malware is short for malicious software and generally refers to a variety of forms of intrusive and hostile programs.

Besides been informed, been super careful of what and where you’re clicking, and sticking to ‘safe’ browsing habits, the best chance you’ve got of surviving Cryptolocker is to make TRIPLY sure you’ve got UP TO DATE BACKUPS.

Ben tells us all the time that you’re not truly backed up unless you’ve backed up 3 times.

So just do it. No if’s or buts after you read this article. BACKUP.

And if you don’t know how to backup or if your backup solution is working, come and see us, and we’ll get your sorted – ARMED – against the virus of all viruses!

PS. I included the whole newsletter from these guys coz they actually have included some other great info. Take a read….

Tip of the Day: Windows 8.1 integrates Bing into the standard, system-wide search experience. If you don’t like this, you can disable it. To do so, open the Change PC Settings screen, select Search and apps, and disable the option under Use Bing to search online.

CryptoLocker Is The Nastiest Malware Ever & Here’s What You Can Do

by Matthew Hughes

Ransomware is an especially odious type of malware. The way it works is simple. Your computer will be infected with some malicious software. That software then renders your computer entirely unusable, sometimes purporting to be from local law enforcement and accusing you of committing a computer crime or viewing explicit pictures of children. It then demands monetary payment, either in the form of a ransom or a “fine” before access to your computer is returned.

Horrible, isn’t it? Well, get ready to meet CryptoLocker; the evil patriarch of the Ransomware family.

What Is CryptoLocker

CryptoLocker is a piece of malware targeting computers running the Microsoft Windows operating system. It is typically spread as an email attachment, often purporting to be from a legitimate source (including Intuit and Companies House). Some say it is also being spread through the ZeuS botnet.

Once installed on your computer, it systematically encrypts all documents that are stored on your local computer, as well as ones that are stored on mapped network drives and mounted removable storage.

The encryption used is strong, 2048 bit RSA, with the decryption key for your files being stored on a remote server. The odds of you being able to break this encryption is almost nonexistent. If you want to get your files back, CryptoLocker asks for you to fork over some cash; either two bitcoins (At the time of writing, worth almost USD $380) or $300 in either MonkeyPak or Ukash prepaid cards. If you don’t pay within three days, the decryption key is deleted and you lose access to your files forever.

I spoke to popular security expert and blogger Javvad Malik; this is what he had to say about CryptoLocker.

Ransomware such as CryptoLocker is not something very new – variations of Ransomware have been around for years. When you look at CryptoLocker, it predominantly comes in via phishing emails (from what I’ve seen). The best way to protect against it is for users to be vigilant against clicking on links within emails. Currently, it looks like there’s not much that can be done once infected and I wouldn’t advice anyone to pay the ransom. It goes back to having backups and data management in place.

Mitigating Against It

Reports suggest that some security programs have had a hard time of preventing CryptoLocker from getting its claws onto your system before it’s too late. Fortunately, American security expert Nick Shaw has created a handy piece of software called CryptoPrevent (free) . This applies a number of settings to your installation of Windows that prevents CryptoLocker from ever executing and has been proven to work in Windows XP and Windows 7 environments.

It’s also worth making sure that you check emails to see if they’re suspect before you open up any email attachments. Do they have an email address that matches up with the purported sender? Were you expecting any correspondence from them? Is the spelling and grammar consistent with what you’d expect from the genuine sender? These are all reasons to be suspicious of an email and to think twice about poking in any attachments.

Having Proper Backup

In these circumstances, I’d encourage everyone to make regular backups that are isolated from your computer. Using a networked backup solution will be utterly ineffective, as CryptoLocker has been known to encrypt data stored on these volumes.

If you use a cloud backup service like Carbonite, you can take comfort in knowing the odds are good that your files are versioned. That means if you back up an encrypted copy of a file you care about, you can revert to an earlier version. An employee of Carbonite posted this advice on Reddit.

I work for Carbonite on the operations team, and I can confirm this for most cases – I will also offer these two pieces of advice:

1) If you are affected by the virus, you should disable or uninstall Carbonite as soon as possible. If you stop backing up the files, it’s more likely that Carbonite will not have overwritten a “last known good” backup set. There is a high risk of some recent data loss (you’re effectively going back in time, so if we have no record of the file existing at a previous time, you won’t get it back) with this method, but it’s far, far better than losing all of your files.

2) When you call customer support, which you should do as soon as possible, specifically mention that you are infected with cryptolocker. It was mentioned in the post above, but I just wanted to put emphasis on it because it’ll get you through the queue faster.

Edit: also, just to state the obvious, make doubly sure the infection is off your machine before you call support, please.

Should You Pay The Ransom?

What if your computer gets compromised? It goes without saying that brute forcing a file encrypted with 2048 bit encryption is almost impossible. Noted computer security firm Sophos has looked at a number of files that have been encrypted by this particular malware and has failed to notice any obvious means in which they can be decrypted without forking over a ransom.

With that in mind, the only way to get your data back is by paying the ransom. However, this poses a major ethical dilemma. By paying the ransom, you make this type of chicanery profitable and therefore perpetuate it. However, if you don’t pay the ransom, you forever lose access to everything you’ve been working on which is stored on your computer.

What further complicates things is that it is impossible to ascertain who would be the recipient of any money paid. It may something so simple as a single person working from his bedroom looking to get rich at the expense at others, or it might be something much more sinister.

Conclusion

I’ll leave the floor to you, the reader. Would you pay the ransom? Have you been infected with CryptoLocker? Leave your thoughts in the comments box below.

Get it Now for 100 Points

 

Justhost: The Perfect Budget Web Hosting Service
Exclusive prices for MakeUseOf readers! Only $3.95 per month on a 3-year plan.

Read More Articles

 

PC Pitstop Web Banner

#02 65 841 551  :: sales@pcpitstop.com.au  ::  www.pcpitstop.com.au/blog

pcpitstop-australia-facebook pcpitstop-australia-twitter pcpitstop-australia-youtube-channel pcpitstop-australia-linkedin pcpitstop-australia-googleplus

Written by Ben Waters

Ben WatersOver 25 years helping build small businesses that work. Investor/Adventurer. Electronic Engineer and tech enthusiast.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

    • Unit 2, 10 Bellbowrie Street,
      Port Macquarie, NSW, 2444.
    • 02 65 841 551
    • Located Opp. Super Cheap Auto, The Car Wash Near Settlement City and Black Market Bagels, In Bellbowrie Street off Hastings River Drive
    • NOW WITH EASY PARKING!
  • Newsletters

    WE'RE OPEN & CONSIDERED AN ESSENTIAL BUSINESS Christmas Trading Hours + Merry Christmas Plan For Productivity & Win Your Week You Asked, We Listened! How to Make Google Your BFF
  • PC Pitstop Trained Technicians Ben Waters and Steve Harris
  • Stocked & Supported by Experienced Technicians

    We’re not just a warehouse, we’re a busy workshop too, servicing thousands of home and business users across the Mid North Coast for over 25 years.

    So you can engage our services, shop our online brands and products with confidence knowing experienced techs have got your back, stand behind the stock, and are here to help!