Friday, May 22, 2015

Safeguard from the tricky cryptowall

CryptoLocker is an especially insidious form of Ransomeware malware that was first detected in the wild in September 2013, restricts access to infected computers and requires victims to pay a ransom in order to regain full access.
What makes CryptoLocker so bad is the way it encrypts the user data on your hard drive using a strong encryption method. This makes it literally impossible to access your own data without paying the ransom amount to the criminals between $100 and $300 or two Bitcoins, even now more.

Once affected you will be locked out of your computer and unless you pay the ransom amount in 72 hours , the virus will delete the decryption key to decrypt all the files on your PC .

The malware lands on PCs the same way other malware does and a few sensible precautions will help minimize the chances of a CrytoLocker attack.

Yesterday, it was reported that - UK's National Crime Agency has given out an urgent national alert that a mass spamming event targeting 10 million UK based email users with CryptoLocker.

What if your computer gets compromised? Currently there is no option to decrypt the files without the decryption key and brute forcing a file encrypted with 2048 bit encryption is almost impossible. If you don’t pay the ransom, you forever lose access to everything you’ve been working on which is stored on your computer.

A few things you can do to prevent your PC from getting infected with the CryptoLocker virus:
  • Most viruses are introduced by opening infected attachments or clicking on links to malware usually contained in spam emails. Avoid opening emails and attachments from unknown sources, especially zip or rar archive files.
  • Most people have some anti-virus program, but how do you know it’s effective? Ensure you have best one active and up-to-date.
  • Also keep your operating system and software up-to-date.
  • Keep a backup. If you have a real-time backup software then make sure that you first clean the computer and then restore the unencrypted version of the files.
  • Create files in the Cloud and upload photos to online accounts like Flickr or Picasa.
  • Windows 7 users should set up the System Restore points or, if you are using Windows 8, configure it to keep the file history.
  • Make sure you have reformatted your hard drive to completely remove the CryptoLocker trojan before you attempt to re-install Windows and/or restore your files from a backup.
There are many free tools now available in the community, that can help users to protect their systems from this malware.
1.) CryptoPrevent tool, created by American security expert Nick Shaw.
This tool applies a number of settings to your installation of Windows that prevents CryptoLocker from ever executing and has been proven to work in Windows XP and Windows 7 environments.

2.) HitmanPro.Alert 2.5, a free utility that will help you to protect your computer against the CryptoLocker ransomware malware.

HitmanPro.Alert 2.5 contains a new feature, called CryptoGuard that monitors your file system for suspicious operations. When suspicious behavior is detected, the malicious code is neutralized and your files remain safe from harm.

3.) BitDefender Anti-CryptoBlocker, an encryption-blocking tool that can detect and block malware from installation.

Intrusion prevention systems can block the communications protocol send from the Cryptolocker infected system to the remote command-and-control server where the malware retrieves the key to encrypt the files. Blocking the communications can prevent the encryption from taking place.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.