Rise in CryptoLocker

Galdorf

Seems this is getting by every major AV on the market so far. Using boot CD AVs, I have found over 50 machines with this infection.
Even solid AV protection has no effect; it can disable all mainstream AVs on the market. Problem is this is showing up on doctor's systems and the info is critical. Funny thing is they do no backups, so most of the time have to resort to paying the extortionist.

http://www.bleepingcomputer.com/forums/t/506924/cryptolocker-hijack-program/page-26#entry3165383

I set up a backup system on their systems but the secretaries keep unplugging the external hard drives.
 
You may want to thank those secretaries for saving your butt if one of those computers gets hit with Cryptolocker. If a USB drive is attached, depending on your backup scheme, everything on that drive will be encrypted as well. In order for data to survive this infection either:
  • The backup drive is disconnected from the system once the backup job is complete.
  • Volume shadow copy is enabled (post-XP systems only) and there is enough drive space to save previous versions of files.
  • A backup solution is in place which supports versioning.
  • Or just break down & pay the ransom & hope the files get decrypted.
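
Added example, not part of the original posts: a Python illustration of the third condition in the list above, contrasting a single-copy backup with one that keeps versions. The function names, the directory layout, the sample file and the random-byte overwrite standing in for the encryption are all constructed for this illustration.

```python
import hashlib, os, shutil, tempfile
from pathlib import Path

def mirror_backup(src: Path, dst: Path) -> None:
    """Single-copy backup: every run overwrites the previous copy."""
    for f in src.rglob("*"):
        if f.is_file():
            out = dst / f.relative_to(src)
            out.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(f, out)

def versioned_backup(src: Path, store: Path) -> int:
    """Keep each distinct content of each file; return how many new versions were stored."""
    new = 0
    for f in src.rglob("*"):
        if not f.is_file():
            continue
        digest = hashlib.sha256(f.read_bytes()).hexdigest()
        vdir = store / f.relative_to(src)  # one directory per source file
        vdir.mkdir(parents=True, exist_ok=True)
        existing = list(vdir.iterdir())
        if not any(p.name.endswith(digest) for p in existing):
            shutil.copy2(f, vdir / f"{len(existing):06d}-{digest}")
            new += 1
    return new

def restore_version(store: Path, rel: str, index: int) -> bytes:
    """Return the content of version `index` (0 = oldest) of file `rel`."""
    return sorted((store / rel).iterdir())[index].read_bytes()

def demo() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        src, mirror, store = root / "docs", root / "mirror", root / "store"
        src.mkdir()
        original = b"patient record 0001 (constructed sample data)\n"
        (src / "chart.txt").write_bytes(original)
        mirror_backup(src, mirror)
        versioned_backup(src, store)
        # Constructed stand-in for the infection: content replaced by unreadable bytes.
        (src / "chart.txt").write_bytes(os.urandom(64))
        mirror_backup(src, mirror)      # the good copy is overwritten
        versioned_backup(src, store)    # the bad content becomes version 1
        return {
            "mirror_has_original": (mirror / "chart.txt").read_bytes() == original,
            "versioned_has_original": restore_version(store, "chart.txt", 0) == original,
            "versions_kept": len(list((store / "chart.txt").iterdir())),
        }

if __name__ == "__main__":
    print(demo())
```

Versioning only helps if the version store itself cannot be written from the infected machine, which is the first condition in the list: a store on a drive that stays attached is exposed like any other file.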
 
Seems this is getting by every major AV on the market so far. Using boot CD AVs, I have found over 50 machines with this infection.
Even solid AV protection has no effect; it can disable all mainstream AVs on the market

Infection technique has nothing to do with disinfection or data decryption after the infection.

What I mean is it seems even the most lame virus gets past most end users, so it's not the threat of this virus but the cure that is the real issue here.
 
From what I gather, it's the "user dependent" stuff that gets through, i.e. opening the infected PDF that they got in email, etc.

I'm sure our devious little friends noticed that trend too, damn their eyes.
 
You may want to thank those secretaries for saving your butt if one of those computers gets hit with Cryptolocker. If a USB drive is attached, depending on your backup scheme, everything on that drive will be encrypted as well. In order for data to survive this infection either:
  • The backup drive is disconnected from the system once the backup job is complete.
  • Volume shadow copy is enabled (post-XP systems only) and there is enough drive space to save previous versions of files.
  • A backup solution is in place which supports versioning.
  • Or just break down & pay the ransom & hope the files get decrypted.

I have yet to run into one myself. **Knock on Wood**

Although what you posted is insane in the sense that the CryptoLocker is that good at getting around things.
 