CryptoLocker

It’s always a good idea to back up your computer files. But now, it’s a great idea.

An especially nasty form of ransomware—known as CryptoLocker—was recently discovered, and it puts computer users at risk of losing their files forever.

In most forms of ransomware, infected computers “freeze” and essentially are held hostage until a ransom is paid. Perhaps the best-known and most widespread scheme: False messages claiming to be from the FBI, accusing computer users of watching child porn or some other illegal online activity. A “fine” is demanded to unfreeze the computer.

That and other types of ransomware usually can be fixed—though sometimes a professional using specialized software is necessary.

There is nothing new about ransomware—different forms of it have been circulating since as far back as 1989—but in recent weeks Internet security firms have reported a surge in computers affected. Once CryptoLocker infiltrates your computer, it encrypts your files—making them unreadable and permanently unusable unless you decrypt them with the attacker’s “private key,” which is unlikely to happen even if you part with the demanded ransom.

Currently, infected users are instructed (via the displayed warning) to pay $300 to receive this private key within 100 hours or “the server will destroy the (private) key,” warns a pop-up that freezes your computer, and “nobody and never will be able to restore files.”

Although anti-virus experts are hard at work, currently there is no fix. And while techies can often remove ransomware that simply freezes computers, encrypted files are trickier. So an off-computer backup of files—such as a USB drive—can be good insurance.

Since there’s no guarantee (or even evidence) that paying the demanded ransom will retrieve files from infected computers, it’s also wise to follow these to avoid this situation in the first place. That means:

•    Don’t click on email attachments unless you know the sender and what the attachment are.
•    Be careful when surfing on music sites or doing online searches of or other “in-the-news” topics. They often lead to malware-laden websites or links.
•    Avoid “free” online offers for screen savers, games and the like unless downloaded from reputable vendor websites.
•    Scan your computer using anti-virus software (from a known provider) regularly, and keep its updates and patches up to date.  (Malware often masquerades as anti-virus scanning software, so make sure you are using a reputable anti-virus software.)
•    Make regular backups, and store them somewhere safe, preferably offline.

Read more about CryptoLocker from experts at and .

Deena Coffman is chief executive officer of IDT911 Consulting and Information Security Officer for IDentity Theft 911.

Leave a Reply