CryptoLocker ransomware gains an increasing hold

vbimport

#1

We’ve just posted the following news: CryptoLocker ransomware gains an increasing hold

CryptoLocker gains an increasing hold on users’ PCs

Read the full article here: [http://www.myce.com/news/cryptolocker-ransomware-gains-an-increasing-hold-69994/](http://www.myce.com/news/cryptolocker-ransomware-gains-an-increasing-hold-69994/)

Please note that the reactions from the complete site will be synched below.

#2

Back up your system now.


#3

Yes, backups are good. Back up everything important to you, or risk the consequences!


#4

[QUOTE=hoonkid04;2714734]Back up your system now.[/QUOTE]

I think that’s about the best advice anyone can give.

This new generation of malware is particularly insidious and given the fact that it hides until it’s too late you can never be too careful.

Attached or cloud storage is unfortunately no good either as CryptoLocker will infect files on these as well.

For anyone that’s concerned following this story I’d recommend scanning your system sooner rather than later with the free version of Malwarebytes which can detect and remove this ransomware. Especially after seeing how high those infection rates are and how prevalent this is becoming.

Unfortunately nothing at present can recover already encrypted data but at least if CryptoLocker is removed the damage can then be halted.

[B]Wombler[/B]


#5

Saw this page some time ago. I haven’t tried it.


#6

I’ve been using CryptoPrevent since shortly after it was posted.
I downloaded the portable version.
I intend to keep using it.
It is a blocker for the most part.
If you search it at club.myce you can see the minor issues I had.
Really one question & one issue.


#7

Yes, backup is the best advice one can give to a user; however, sometimes that is not enough and using something like CryptoPrevent is recommended. I personally use a solution which is much more restrictive when it comes to blocking and I am very happy with the outcome of it. The program I use is capable of blocking all of these extensions and many more from any location on your computer.

I have listed the most common extensions which can execute in one form or another and are often found on user systems.

1. .exe
2. .com
3. .bat
4. .jar (Not enabled by default, but can be enabled if required)
5. .dll (Not enabled by default, but can be enabled if required)
6. .pif
7. .dat (By default it is not taken into consideration; however, if a DAT file tries to perform a function similar to an executable then it will stop it.)
8. .scr


#8

[QUOTE=Gummigutta;2714779]Saw this page some time ago. I haven’t tried it.[/QUOTE]

Do a small search; Nick, the author of that program, has been here and discussed his program with us. :wink:


#9

As this ransomware is mainly spread as a zipped exe attachment, I wouldn’t be surprised if this ransomware infected far fewer PCs if antivirus products simply blocked zipped executable attachments by default. At present, I’m still not aware of a single virus checker that can even block such attachments unless it either detects the executable inside as known malware or the user chooses to block archive attachments altogether.

Indeed, CryptoPrevent does help close this attachment loophole, although unfortunately most users will probably never find out about this tool until it is too late.
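A sketch of the attachment check discussed in posts #7 and #9, added here as an example; it is not part of the thread and is not how CryptoPrevent or any antivirus product works. It opens each zip attachment of a mail message and reports members whose final extension is on the block list from post #7; the function names, the nesting limit and the sample message are assumptions made for the illustration.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions from the list in post #7 (.dat omitted: that post treats it by behaviour).
BLOCKED_EXTS = {".exe", ".com", ".bat", ".jar", ".dll", ".pif", ".scr"}
MAX_DEPTH = 2  # assumption: nested archives deeper than this are flagged, not opened

def risky_names(zip_bytes, depth=0):
    """Return names of archive members that should cause the attachment to be blocked."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(zip_bytes))
    except zipfile.BadZipFile:
        return ["<unreadable archive>"]  # fail closed
    hits = []
    for info in zf.infolist():
        # Windows ignores trailing dots/spaces, so "a.exe." still runs as a.exe
        ext = os.path.splitext(info.filename.rstrip(". "))[1].lower()
        if ext in BLOCKED_EXTS:
            hits.append(info.filename)
        elif ext == ".zip":
            if depth >= MAX_DEPTH or info.flag_bits & 0x1:  # too deep or encrypted
                hits.append(info.filename + " <not inspected>")
            else:
                hits += risky_names(zf.read(info), depth + 1)
    return hits

def scan_message(raw):
    """Map each zip attachment's filename to the blocked members found inside it."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        # Sniff the content instead of trusting the attachment's filename.
        if data[:4] == b"PK\x03\x04" and (hits := risky_names(data)):
            report[part.get_filename() or "<unnamed>"] = hits
    return report

def build_sample():
    """Constructed message: a zip with a double-extension .exe and a harmless text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Invoice_2013.pdf.exe", b"placeholder bytes, not a program")
        zf.writestr("readme.txt", b"hello")
    msg = EmailMessage()
    msg.set_content("see attachment")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="Invoice.zip")
    return msg.as_bytes()
```

Calling `scan_message(build_sample())` reports the double-extension member and ignores `readme.txt`; a mail filter would quarantine any message for which the report is non-empty.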


#10

Sean, what is even more amazing is that the computer security field and users have fallen far too deeply in love with the whizzbang-of-the-week and have forsaken common sense. I think users need to realize that just running the security flavor of the month is not enough, but like you mention most do not realize until it is too late.


#11

So if I understand well this post, according to Dell’s SecureWorks
23.8% in the US
5.8% in France
among all the PC’S (running under Windows XP, Seven or 8 ?)
are infected by this dangerous ransomware CryptoLocker!

So I’d like to know if I am threatened by this type of ransomware
1°) if I NEVER download any e-mail and read them only in my mailbox at the provider
2°) if I only open a NON *.zip attachment, like a *.pps, …


#12

[QUOTE=franz99;2714840]So if I understand well this post, according to Dell’s SecureWorks
23.8% in the US
5.8% in France
among all the PC’S (running under Windows XP, Seven or 8 ?)
are infected by this dangerous ransomware CryptoLocker![/QUOTE]

Of all the PCs that are infected with CryptoLocker, 23.8% are in the U.S. and 5.8% are in France.

It’s [B]not[/B] that 23.8% of all PCs in the U.S. are infected.


#13

I still find those new infection rates pretty alarming though especially for those in the US.

Then again not all users are as tech savvy as our membership, so that could be misleading.

What I’d be more concerned about though would be other infection vectors that haven’t as yet been used such as Trojans or other exploits, and it’s only a matter of time before these appear.

[B]Wombler[/B]


#14

Is there any way to turn off encryption completely in an OS?


#15

This is what happens in an increasing world of click it and be happy. You get what you get when you don’t read or watch what you’re doing. I, for my usage, edit all my hosts files to block sites from redirecting or pop-ups from appearing; this will reduce most if not most problems for users. It’s not easy, but taking the time will reduce one’s chance of getting hit. But also one should, as MoM says, know what you’re doing and reading and not just happily click on anything that comes your way.


#16

[QUOTE=Steve33;2714871]Is there any way to turn off encryption completely in an OS?[/QUOTE]

With the Microsoft OSs that should be possible using Group Policies but that’s not much use to Home version users so I’m not sure what the answer would be for them.

No doubt someone else here will know though.

[B]Wombler[/B]


#17

Probably a dumb question on my part but if encryption could be absolutely turned off then it would seem to me the ransomware wouldn’t be able to do its dirty work.
Maybe even doing it via registry change…

I never use encryption, in fact there aren’t any passwords or sensitive files residing on my computer…only what is needed for browsing.


#18

[QUOTE=Steve33;2714894]Probably a dumb question on my part but if encryption could be absolutely turned off then it would seem to me the ransomware wouldn’t be able to do its dirty work.
Maybe even doing it via registry change…

I never use encryption, in fact there aren’t any passwords or sensitive files residing on my computer…only what is needed for browsing.[/QUOTE]

No, on the contrary, it’s a very sensible question as I’d imagine the majority of people, including myself, are in the same boat and never use encryption.

[B]Wombler[/B]


#19

[QUOTE=Steve33;2714894]Probably a dumb question on my part but if encryption could be absolutely turned off then it would seem to me the ransomware wouldn’t be able to do its dirty work.[/QUOTE]

Well, if the virus comes with its own internal encryption engine (thus not relying on already installed tools and/or services) then turning off your system’s encryption tools will not matter. The virus might also try to re-enable the services.


#20

Seems like the cash payout could be traced back to the originator…