Crypto Locker Virus Holds All Your Files For Ransom…

Cybercrime has stepped up its game.  I honestly cannot remember the last malware threat which actually caused damage and was just an annoyance.    All that has changed now.  For years the infosec community has been worried about the ease with which a malware author could encrypt data and hold it hostage.   In fact to me the only surprise here is this didn’t happen years ago.


Cryptolocker installs itself on your system, it hides in the background encrypting every file it can get it hands on.  Once the files are encrypted it then locks your system and gives you 72 hours to pay to get the key to unencrypted your files.  In laymans terms it locks your files in a way that is for all intents and purposes impossible for anyone to unlock without a key.  

Cryptolocker will encrypt any file it can get its paws on, it will crawl right through network shares and encrypt files on uninfected computers.   If you have backup sets that are connected to the infected PC it will encrypt your backups!

Its main attack vector seems to be the good old malicious e-mail attachment, but it is evolving and is now using other drive by attacks.    Good old droppers like Zeus are now installing it so you could have been infected years ago and now be attacked by a rootkit that has been waiting to drop something onto your system.

If you download and run a tiny little tool called Cryptoprevent  it makes changes to permissions and the registry making it harder for Cryptolocker to lock your files.

Use this link to download Cryptoprevent.  

Run CryptoPrevent NOW! Do not wait or procrastinate. 


Any customers who need help running CryptoPrvent are encouraged to call and make an appointment.  

Brian Krebs has more details, here and here

Comments are closed