PDA

View Full Version : Cryptolocker virus



blanco
27-10-2013, 11:11 AM
I dont see any posts about this ransomeware on this forum. If you get it,
your files will get encrypted and will not be released until you pay for the
decryption key. Win Restore will not help you and nor will a disc image stored
externally, if the ext drive was connected when the virus embedded in the system.
It seems from my searches that NONE of the currently available antivirus programs
can offer protection against this. However, there is a way to protect your yourself
from this ransomeware: Read about it here and download the blocker:-

http://www.foolishit.com/vb6-projects/cryptoprevent/

For further info, just google "cryptolocker" and you will get something like this:

This quote emphasises the severity of the virus and why it is worth installing the prevention:
As the Guardian noted of CryptoLocker and its victims:

"If you haven't got a backup and you get hit by CryptoLocker, you may as well have dropped your PC over the side of a bridge," says Paul Ducklin, security adviser for anti-virus software company Sophos. Even if you had backed up your files, he says, if your back-up device was connected to your computer when CryptoLocker struck, you may not be able to recover them. Similarly, all the files in shared network drives that were connected at the time of the attack could also become encrypted and inaccessible.

CryptoLocker currently only affects PCs and can easily be removed with anti-virus software, but its effects cannot. "I don't think anyone in the world could break the encryption," says Gavin O'Gorman, spokesman for internet security firm Symantec. "It has held up for more than 30 years."

Ryan Rubin, MD of global risk consultancy Protiviti, agrees: "CryptoLocker has been designed to make money using well-known, publicly available cryptography algorithms that were developed by governments and other [legitimate] bodies. Unless you have the key, you simply cannot unlock the data that is encrypted."
Read more at http://www.snopes.com/computer/virus/cryptolocker.asp#GIp3lj0H3xPKl1qU.99
















Reply




Forward













Click here to Reply or Forward











0.07 GB (0%) of 15 GB used

Manage




2013 Google - Terms & Privacy




Last account activity: 4 minutes ago
Details

wainuitech
27-10-2013, 04:05 PM
That article is actually incorrect. While it is a nasty piece of malware there are ways to stop it even if you do have it come through.

Have a look at the video on youtube Cryptolocker in Action (http://www.youtube.com/watch?v=Gz2kmmsMpMI) PC deliberately infected.

If your Antivirus is good enough it will stop it in the first place.

The video also raises a VERY good point, its not mentioned completely, but tells you what its doing at around 4 minutes. The first thing I thought of, a GOOD firewall, set to not allow any outgoing traffic until manually allowed.

Heres an example: I've just removed the setting on my firewall, which previously allowed Mailwasher, now when I try to open it, it wont be allowed out till I say so.

5274


If a PC gets infected it can still be removed and the PC is safe,-- For the encryption to work it actually has to contact a Server first to get the key, so if the firewall stops the outgoing request it cant get create the private Key to unlock, so it can be removed BEFORE the encryption takes place.

Agent_24
27-10-2013, 04:54 PM
If a PC gets infected it can still be removed and the PC is safe,-- For the encryption to work it actually has to contact a Server first to get the key, so if the firewall stops the outgoing request it cant get create the private Key to unlock, so it can be removed BEFORE the encryption takes place.

It's that kind of thing which is why I use a software firewall and manually allow things...
And some people keep telling me that all you need is the inbound firewall in your router..... yeah, nah.

wainuitech
27-10-2013, 05:02 PM
It's that kind of thing which is why I use a software firewall and manually allow things...
And some people keep telling me that all you need is the inbound firewall in your router..... yeah, nah.:thumbs: Agree, just changed this Lounge PC to Smart Security, following my own advise (for once), every Other PC in the place has smart security previously.

Its not that much of a pain to allow programs you know are OK.

From doing a bit more reading on this malware, it gets in a few ways, either from a exe file in an email, or if the PC is already got malware in the first place.

blanco
27-10-2013, 08:10 PM
Thanks for the new info. Sorry for the long post - I should have edited.

TropoScatter
30-10-2013, 11:45 AM
how can they get away with it without a money trail leading back to them ?

Agent_24
30-10-2013, 11:51 AM
how can they get away with it without a money trail leading back to them ?

Depends if anyone bothers to chase it or not

TropoScatter
30-10-2013, 12:10 PM
(shrug) I guess sheeple put up with anything.

In Au, there is a company that steals money all day long automated, like Homer simpson and his auto-dialler. They missed call your mobile phone, then you call back and it's a recorded advertising speil. YOU pay for the call and to listen to the advertisment until you hang up. As soon as it answers your call, it's robbed you. The government allows it. People are sheeple.