What is the CryptoLocker Virus?
Simply put, the CryptoLocker Virus is a Trojan that is sent via email disguised as a USPS package notification, payroll statement, or other enticing message. The virus activates on Microsoft Windows systems once an attachment within the deceptive email is clicked.
The first version of the CryptoLocker Virus is thought to have appeared in September of 2013. Since then, various versions of the Trojan have been discovered online, as recently as the beginning of this year.
How Does the CryptoLocker Virus Work?
According to Top Tech News, “having contaminated a computer, the Trojan inconspicuously traverses the data structure in search of popular file extensions. Not only does it process data on local drives, but it also affects mapped network shares and removable media. CryptoLocker then encrypts files that match the hard-coded list of targeted extensions, employing a combination of AES and RSA-2048 algorithms.”
Once your Microsoft Windows files have been affected, the virus displays a message (often via your computer’s desktop background image) stating the fee, payable in Bitcoin, to decrypt your files. The malware typically gives a deadline to pay the proposed fee, and if it is not met, the ransom is raised dramatically over time.
What Can I Do if My Computer has been Affected by the CryptoLocker Virus?
Unfortunately, although the malware can be removed from your computer, your files remain affected. To date, there is no proven solution for decrypting the files the virus has encrypted. There have been a couple of workarounds that are occasionally successful, but they do not work consistently, and they’re often difficult to implement.
As explained by Top Tech News:
“One of these methods relies on Volume Snapshot Service, which is a backup technology built into Windows. Although CryptoLocker tends to disable VSS after attacking a computer, it may fail to. It might be therefore possible to restore frozen items using the Previous Versions tab within file properties, or with the help of automatic solutions like ShadowExplorer.
Another approach involves the use of the forensics tools. According to security analysis, the ransomware deletes original files and keeps the encrypted copies. Data recovery apps can help reinstate these files as long as they were erased in a regular way, that is, without applying advanced data destruction algorithms.” (Feb. 2016)
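Before trying either recovery route, it helps to know which files were actually hit. The Python below is an added example, not part of the original article or of any tool it mentions: it flags files whose extension promises a known format but whose leading bytes are gone and whose content looks random, as encrypted data does. The extension table, the 0.875 cut-off, the function names and the sample contents are all assumptions, and it assumes encrypted files kept their original names.

```python
import hashlib
import math
import os
from collections import Counter

# Leading bytes of a few common document types. Assumed sample only: the
# article does not give CryptoLocker's actual list of targeted extensions.
MAGIC = {".pdf": b"%PDF", ".docx": b"PK\x03\x04",
         ".jpg": b"\xff\xd8\xff", ".png": b"\x89PNG\r\n\x1a\n"}

def entropy(data):
    """Shannon entropy in bits per byte (0 for empty input)."""
    return -sum(n / len(data) * math.log2(n / len(data)) for n in Counter(data).values())

def classify(name, head):
    """Verdict for one file, from its name and its first bytes."""
    ext = os.path.splitext(name)[1].lower()
    if ext not in MAGIC:
        return "skipped"
    if head.startswith(MAGIC[ext]):
        return "intact"
    # Header gone. Ciphertext sits near the maximum entropy its length allows
    # (8 bits/byte, less for tiny files); the 0.875 factor is an assumed cut-off.
    ceiling = min(8.0, math.log2(len(head))) if len(head) > 1 else 0.0
    if ceiling and entropy(head) >= 0.875 * ceiling:
        return "likely_encrypted"
    return "mismatch"

def scan(root, sample=4096):
    """Walk root and group file paths by verdict, for restore planning."""
    report = {"intact": [], "likely_encrypted": [], "mismatch": [], "skipped": []}
    for folder, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(folder, name)
            try:
                with open(path, "rb") as fh:
                    verdict = classify(name, fh.read(sample))
            except OSError:
                verdict = "skipped"  # locked or unreadable
            report[verdict].append(path)
    return report

# Constructed sample contents (hash output stands in for ciphertext; no real malware output).
NOISE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
SAMPLES = {"a.pdf": b"%PDF-1.4\n" + b"text " * 50, "b.pdf": NOISE,
           "c.docx": b"plain text, no zip header " * 30, "d.txt": b"ignored"}

if __name__ == "__main__":
    print({name: classify(name, body) for name, body in SAMPLES.items()})
```

Files reported as likely_encrypted are the ones to look for in Previous Versions or in backups; a mismatch verdict means the header is wrong but the content is not random, which points to ordinary corruption or a misnamed file.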
Cybersafety 101: 5 Tips to Avoid Being Targeted by a Computer Virus
1. By consistently backing up your files, you can avoid losing them to a Trojan such as CryptoLocker, among many other types of malware. Better yet, encrypt your backup files to ensure they aren’t susceptible to online criminals.
2. Understand where your email messages are really coming from by exploring the senders’ information. Before reading an email, and certainly before interacting with it in any way, ensure the message is coming from a legitimate source. Oftentimes criminals hide viruses within emails that appear harmless, such as a fake UPS package notification or a “forgot password” request from a Gmail imposter. Check the email address of the sender to ensure it’s coming from the actual organization it appears to be.
3. Furthermore, double check any attachments and links within your emails before clicking them. It never hurts to be extra cautious when it comes to opening anything in your emails that may potentially harm your computer system.
4. Be cautious of giving Administrator rights to users on your computer. Furthermore, avoid staying logged in for lengthy periods of time if it can be avoided; try to get in the habit of logging off your computer when you are not using it. This leaves your computer – and all its files – less susceptible to viruses and other threats.
5. Regularly update your software and operating system. By using only the most recent versions of your computer’s systems, you help ensure the newest protections are in place.
6. Add a managed services provider like Maine Technology Group. By entrusting trained professionals to manage your business’s network and infrastructure, you’re able to keep something like this from happening.