CryptoLocker may have made its nasty debut in January of this year but several months later, it's still going strong with new variants of the same ransomware.
Ransomware is one of many members in the malware family. As described by Wikipedia: "Ransomware (which when carried out correctly is called cryptoviral extortion, but is sometimes also called scareware) comprises a class of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator of the malware in order for the restriction to be removed."
How Does CryptoLocker Ransomware Work?
CryptoLocker, like other forms of ransomware, has one basic premise - it finds your critical files, locks them up by encrypting them and then demands a monetary payment in order to get them back by decrypting them. CryptoLocker originally demanded $100 for file decryption but later reports suggest it may be upwards of $300 with the new variant.
People become infected by downloading misleading email attachments that actually act as the malware downloader. Once installed, CryptoLocker establishes a connection to the demand and control server and then proceeds to encrypt your files. Victims must have an RSA key in order to get their files back.
How Can I Protect Myself?
Backups, backups, backups! Truth is, unless you have solid backups in place, your options are relatively limited. In fact, many people find it's easier to pay the criminals to get their files back. And just as Geek.com mentioned in an article this month, it appears that the attackers behind CryptoLocker have some scruples. Paying them does actually decrypt your files (how nice of them, right?) While major antivirus companies try to work this thing out, it's best to just be smart about which files you choose to open and which programs you choose to run.
Want the latest updates on network and data security threats?
Sign up for SECURITY WATCH