Security Alert: CryptoLocker Malware Threat

A new malware spreading around the Internet in recent months holds every file on a computer for ransom. Unless the user pays the hacker responsible for the infection, the hacker threatens to forever deny the user access to his or her files.

CryptoLocker is a form of ransomware that spreads via phishing emails containing infected attachments. Once the attachment is opened, an executable file infects the machine and holds it for ransom by encrypting files, which won’t be decrypted until a cash demand is paid. Typically, the user receives an email that purports to be from a well-respected government body or a well-known brand (such as FedEx or UPS tracking) and claims to be related to a customer support issue.

As soon as the attachment downloads, it infects the computer, encrypting users’ files using asymmetric encryption, featuring a public and private key pair. The public key is used to encrypt and verify data, while the private key is used for decryption. Once activated, the malware encrypts a variety of file types on compromised Windows PCs before delivering a ransom message asking for payment before a fixed deadline that usually falls within three or four days from the activation date. A clue that the demand is not legitimate is that payments are requested in the form of anonymous prepaid cash services such as MoneyPak, Ukash, cashU or through the Bitcoin digital currency.

A few things to keep in mind to avoid getting caught by this threat:

  • Double-check the legitimacy of links received in emails and social media messages. Never open unknown or unwanted emails with attachments, especially those that come from banks and other financial institutions. Have proper anti-phishing and anti-spam protection installed to filter out fraudulent email.
  • Keep your operating system and software up to date with patches and security updates.
  • Make sure you have legitimate antivirus software protecting your computer.
  • Make sure you have the proper equipment to secure and protect your network.

Contact our Hilltop team if you have questions, concerns, or have fallen victim to this threat.