Protect Yourself from CryptoLocker
So I was going to write a post about Tesla's big beat after the market yesterday and how the stock is off to the races today, but I came across a computer virus yesterday that was so nasty I wanted to make you guys aware of it so you don't get victimized.
I do a bit of IT consulting on the side for C-level guys who are technophobic. I was scheduled to do a training with one such CEO yesterday, when he asked me if I'd ever heard of CryptoLocker and was it some kind of service. In fact I had heard of CryptoLocker recently on the Skeptics Guide to the Universe podcast, and the fact that this CEO was asking me about it could only mean one thing: he was infected. Sure enough, he said a timer had popped up on his desktop, his files had been stolen, and he had 72 hours to pay $400 through Bitcoin to get his files back or they'd be deleted forever.
Unfortunately, this thing is for real. It comes disguised as an email from UPS or FedEx with tracking information in PDF format attached, only it ain't a PDF. It's a double-extension executable file that installs itself on your hard drive, steals and encrypts all your files, and then demands a ransom for you to recover them. Because the ransom is paid with Bitcoin, it's impossible to track where the money is going. Up to now, the hackers have been true to their word and have returned the files once the ransom has been paid.
That's not to say they'll continue keeping their word, or won't extort even more money once you've paid them. In short, you should never pay hackers a ransom for your data.
In order to protect yourself from CryptoLocker and other viruses using double extensions to install themselves, you can download the following free application which will make it impossible for you to download them:
http://www.foolishit.com/vb6-projects/cryptoprevent/
It's important to note that this only affects Windows machines, so if you're a Mac weirdo you're in the clear.
The best lines of defense are:
- Make regular backups that include a mirror of your hard drive. That way if you have to nuke your hard drive back to the stone age you can just do a restore and be back in business. If you're not backing up, start backing up now.
- Never download attachments from people you don't know. I know this goes without saying in this day and age, but obviously people still do it. UPS and FedEx (and the USPS, for that matter) will never send you an attachment with tracking info. Don't fall for it.
This is a nasty bug, and the guys behind it are pretty brazen. If you find that you're infected you can try to do a system restore from a point before the suspected time of your infection, but this has only had limited success. Removal instructions are here:
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-i…
As always, the best offense is a good defense. Be wary of attachments and install the above application if you want to be really safe. This thing is really bad news. If you want more info about it, here's a video:
Hope this helps.
Here's another good video with instructions on how to get rid of it:
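The double-extension disguise described in the post (an attachment that looks like a PDF but is really an executable) can be caught by checking attachment names before a user opens them. This is an added example, not part of the original thread and not how CryptoPrevent works; the extension lists and sample filenames are constructed assumptions.

```python
# Added illustration: flag attachment names that pair a document-looking
# extension with an executable one, e.g. "tracking.pdf.exe".
# Both extension sets are constructed and deliberately non-exhaustive.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "wsf", "hta"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt", "zip"}


def check_attachment(name):
    """Return (verdict, reason) where verdict is 'ok', 'warn' or 'block'."""
    # Windows ignores trailing dots and spaces, so drop them before parsing.
    cleaned = name.rstrip(". ").lower()
    # Tolerate whitespace around each dot-separated part.
    parts = [p.strip() for p in cleaned.split(".")]
    if len(parts) < 2:
        return ("ok", "no extension")
    final = parts[-1]
    if final not in EXECUTABLE_EXTS:
        return ("ok", "final extension is not executable")
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return ("block", f"double extension .{parts[-2]}.{final}")
    return ("warn", f"executable attachment .{final}")


def triage(names):
    """Return only the names that need attention, with their verdicts."""
    results = []
    for name in names:
        verdict, reason = check_attachment(name)
        if verdict != "ok":
            results.append((name, verdict, reason))
    return results


# Constructed sample attachment names for demonstration.
SAMPLES = [
    "UPS_Tracking_1Z999.pdf.exe",
    "FedEx-label.pdf",
    "setup.exe",
    "report.final.pdf",
    "scan.jpg   .scr",
]

if __name__ == "__main__":
    for name, verdict, reason in triage(SAMPLES):
        print(f"{verdict.upper():5} {name!r}: {reason}")
```

Turning on "show file name extensions" in Windows Explorer gives the same visibility by eye, since the hidden final extension is what makes the disguise work.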
The Cryptolocker!
I found a guy on the internet who intentionally picked up this virus and reverse engineered it. He then sent it to those who were holding his "files" ransom as some kind of tag along on his bitcoin payment. The hilarity ensued, he tweaked cryptolocker to lock their bitcoin wallet. The hackers then sent him all sorts of threatening communication. It was one of the funniest white hat attacks I have seen in a long time. I'll try and find it again and post it on here. But if you do get hit with this, take the earliest instance of system restore you can. Cryptolocker won't always instantly lock up your computer, oftentimes it is tweaked to take effect after X restarts.
Really heartwarming to see such honor among thieves...renews my faith in humanity.
Also I just operate under the assumption that everything is some sort of virus, and it's up to the sender or source to prove to me otherwise. Guilty until proven innocent.
Hey @"Edmundo Braverman"
For someone who really doesn't want to pay $100 (or whatever it is) per year for Norton or McAfee, how would you recommend that the average person protect themselves with an anti-virus?
I've tried a few different things, most of which have given me some sort of headache. Now that I may be using my home computer a little bit more I wanted to have at least some average level of security.
This has pretty much been my strategy. Since I'm not out there downloading much of anything it has worked relatively well thus far, but I'm getting a whole new office setup and am hoping to get a little side business going, so I'm willing to pay a little for protection if it helps.
Unplug your computer from the internet, paint it a nice 70s green color and use it as a side table.
IMHO, AVG is the best free anti-virus software out there. I pay for the premium version and I think it's only like $35 a year, but the free version will do just fine for you:
http://free.avg.com/us-en/homepage
awesome, thanks
What about Microsoft Security Essentials, which is built into Windows 8? Am I wrong in just relying on that?
From what I have read you should be good with that.
Best defense: Buy an Apple
That's a little like saying the best defense against getting a bish pregnant is absti...never mind.
Going by the guise that females are completely clueless, I had a friend that I went to school with who managed to get a virus on her Mac... 3 different times!!! After the third time I told her to never touch a computer again.
I've never seen any group of people mess up computers more than females.
@"Going Concern" @"Edmundo Braverman"
Hahah..