Wednesday, October 9, 2013

Beware of a Ransomware called Cryptolocker

Beware of a ransomware called Cryptolocker. Malware is becoming more destructive and more sophisticated than in previous years. The authors of this malware have gone to the extreme of demanding ransom money from their victims if they want to get their files back.

Early this afternoon, the laptop of one of our managers got infected by Cryptolocker. Apparently, the malware was able to evade his anti-virus. By the time it was detected it was already too late, because all his files had already been encrypted by this destructive malware, so he cannot open them. As you can see in the screenshot, after a given time he will not be able to get his files back anymore. Going further, the author of this malware is extorting $300 to decrypt the files so he can have them back. If you have as many important files on your computer as he does, you may well give in to the author's demand.

Until now he does not know where he got the malware, or he is probably just playing innocent, saying that he did not download anything. From my research on the internet about this malware, the victims got it from email. They received emails with subjects such as "USPS Tracking", "Dunn & Bradstreet rating" or similar, with a .zip or .rar attachment.

As of this writing there is no way to decrypt the files, although the malware may be removed from the computer. The best way to defend ourselves from such destructive malware, next to having a reliable anti-virus, is to use sound judgement. If we get an email from an unknown source, do not open the attachment or click the link. The people spreading this malware lure their victims with too-good-to-be-true email subjects. Be cautious if you receive suspicious emails with subjects such as "For instant access", "Cashcashcash" and "Potential earnings", in addition to the subjects mentioned above.
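
One way a mail administrator could screen for the delivery pattern described above, as an added example that is not part of the original post: it flags messages whose subject contains one of the lures quoted here and that carry a ZIP or RAR attachment, checking file signatures as well as extensions so a renamed archive is still caught. The function names, triage labels and sample messages are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Subject lures quoted in this post, lower-cased for matching.
LURE_SUBJECTS = ("usps tracking", "dunn & bradstreet", "for instant access",
                 "cashcashcash", "potential earnings")
ARCHIVE_EXTS = (".zip", ".rar")
# File signatures: ZIP local file header and RAR marker block.
ARCHIVE_MAGIC = (b"PK\x03\x04", b"Rar!\x1a\x07")

def archive_attachments(msg):
    """Return names of attachments that are ZIP/RAR by extension or by content."""
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        if name.lower().endswith(ARCHIVE_EXTS) or payload.startswith(ARCHIVE_MAGIC):
            hits.append(name or "<unnamed>")
    return hits

def triage(raw_bytes):
    """Classify a raw message as 'quarantine', 'review' or 'deliver' (labels are hypothetical)."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    subject = (msg["Subject"] or "").lower()
    lure = any(s in subject for s in LURE_SUBJECTS)
    archives = archive_attachments(msg)
    if lure and archives:
        return "quarantine", archives   # lure subject plus archive: the pattern from the post
    if lure or archives:
        return "review", archives       # only one of the two signals
    return "deliver", archives

def build_sample(subject, filename=None, data=b""):
    """Construct a sample message for the demo (constructed data, not a real capture)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "sender@example.com", "user@example.com", subject
    m.set_content("See attached.")
    if filename:
        m.add_attachment(data, maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample("USPS Tracking Notification", "label.zip", b"PK\x03\x04x")))
    print(triage(build_sample("Potential earnings", "doc.pdf", b"Rar!\x1a\x07\x00")))
    print(triage(build_sample("Quarterly report", "q3.rar", b"Rar!\x1a\x07\x00")))
    print(triage(build_sample("Meeting notes")))
```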