CryptoLocker - New Ransomware

Now they have customer service and a way to decrypt your files after the deadline but the price goes up as much as $4 grand.

http://www.today.com/money/cryptolo...w-customer-service-website-victims-2D11586019

I do not know how antivirus companies come up with how they categorize the threat level of a virus or malware, but I would think with the potential this one has to a user's data it would be put higher than minimal?


http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=4459641

http://www.mcafee.com/apps/search/t...:d1&entqr=3&oe=UTF-8&start=10&&num=10&start=0
 
fyi - "the NCA believes the operation is the work of a tech-savvy crime ring"

pft!
It's the work of the Obama administration, trying to recoup some of that lost money during the healthcare.gov debacle.
Only the US government can come up with such a cheesy name as "Cryptolocker". :cool:
 
Windows Backup Solution

My guess is that Complete Images are safe from CryptoLocker. Is this true?

I understand the CryptoLocker is deleting Windows Shadow copies, and Simple Cloud Storage Backups. What is the best and easiest backup to use, so that easy restoration can be implemented, for single users?

Does "Windows 7 Backup" of Image and file versions, on an external hard drive work well?

I understand that there are more expensive ways to back up, but a simple solution is wanted.
 
From what I understand "Windows 7 Backup" of Image and file versions on an external hard drive will work very well IF:

Clean copies of data are stored BEFORE being infected.
External drive SHOULD NOT BE LEFT CONNECTED after backup.
External drive should NEVER be connected to an infected computer.
Back it up, unhook it, put in safe storage.

Best solution so far seems to be cloud storage with versioning and/or keeping deleted (un-infected) copies. Personally I'm using CrashPlan. I understand that there are others that offer versioning as well.

Versioning is VERY IMPORTANT, as there is a good chance your CURRENT cloud files will become encrypted also. You MUST have the ability to go back to unencrypted versions to restore.

Also, make sure Win 8 shadow copying is turned on. I believe it is TURNED OFF BY DEFAULT.
 
Can this virus affect Windows 7 Images?

I understand that removing an external backup is safer, but some people, i.e. desktop users, never remove their external hard drive.

Considering that a Windows 7 Image does not contain a shadow copy, it should be safe from this virus. But Windows 7 File Version Backups will be affected. Is this correct?
 
Anything on the system can be affected.

What you need is an offsite storage with proper versioning, so you can restore the files after the infection has been removed.

 
^^^^^ This:

Any extension that the virus authors decide to include can be infected.

In other words, it doesn't need to be .bmp, .jpg, txt, doc, etc.

They can make it infect .%^&*, if they want to include that extension.

I think what is being said is the best option is OFFSITE or OFFLINE with versioning.

This is probably the nastiest virus to come along and should not be taken lightly. A LOT can be at stake.

Added benefit to moving to offsite with versioning is availability due to hardware failure. In my opinion, anybody who has ANYTHING of ANY importance should be using this method. The prices have come down to a most affordable range.
 
We've just had two clients get hit with what I assume is this same virus as files on their server shares have suddenly become corrupt (appear to be corrupt anyway).
Weird thing is that none of the computers ever got the screen with the ransom demand on it. :confused:
I suspect it is because Eset AV has picked it up but only after it has started encrypting the files and before it could finish, as not all files on the server shares were affected.
Luckily both clients use ShadowProtect so I was able to restore from a recent backup without a problem, after making sure all computers on the network were clean first.
 
I wouldn't download anything from Softpedia. Too many links to scam software and sometimes downloading a Softpedia-provided program will install download managers.

Here is the direct link to Bitdefender's download area:

http://download.bitdefender.com/

EDIT: Trying this on a few work machines. Not really sure how to tell if it's working. Might have to find some kind of tester that won't kill the machine.
 