Protect Yourself from CryptoLocker
So I was going to write a post about Tesla's big beat after the market yesterday and how the stock is off to the races today, but I came across a computer virus yesterday that was so nasty I wanted to make you guys aware of it so you don't get victimized.
I do a bit of IT consulting on the side for C-level guys who are technophobic. I was scheduled to do a training with one such CEO yesterday, when he asked me if I'd ever heard of CryptoLocker and was it some kind of service. In fact I had heard of CryptoLocker recently on the Skeptics Guide to the Universe podcast, and the fact that this CEO was asking me about it could only mean one thing: he was infected. Sure enough, he said a timer had popped up on his desktop, his files had been stolen, and he had 72 hours to pay $400 through Bitcoin to get his files back or they'd be deleted forever.
Unfortunately, this thing is for real. It comes disguised as an email from UPS or FedEx with tracking information in PDF format attached, only it ain't a PDF. It's a double-extension executable file that installs itself on your hard drive, steals and encrypts all your files, and then demands a ransom for you to recover them. Because the ransom is paid with Bitcoin, it's impossible to track where the money is going. Up to now, the hackers have been true to their word and have returned the files once the ransom has been paid.
That's not to say they'll continue keeping their word, or won't extort even more money once you've paid them. In short, you should never pay hackers a ransom for your data.
In order to protect yourself from CryptoLocker and other viruses using double extensions to install themselves, you can download the following free application which will make it impossible for you to download them:
http://www.foolishit.com/vb6-projects/cryptoprevent/
It's important to note that this only affects Windows machines, so if you're a Mac weirdo you're in the clear.
The best lines of defense are:
- Make regular backups that include a mirror of your hard drive. That way if you have to nuke your hard drive back to the stone age you can just do a restore and be back in business. If you're not backing up, start backing up now.
- Never download attachments from people you don't know. I know this goes without saying in this day and age, but obviously people still do it. UPS and FedEx (and the USPS, for that matter) will never send you an attachment with tracking info. Don't fall for it.
This is a nasty bug, and the guys behind it are pretty brazen. If you find that you're infected you can try to do a system restore from a point before the suspected time of your infection, but this has only had limited success. Removal instructions are here:
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-i…
As always, the best offense is a good defense. Be wary of attachments and install the above application if you want to be really safe. This thing is really bad news. If you want more info about it, here's a video:
Hope this helps.
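The double-extension disguise described in the post above can be checked for on the receiving side. This is an added example, not part of the original post and not how the linked CryptoPrevent tool works; the extension lists and sample attachment names are assumptions constructed for illustration.

```python
# Added example: flag e-mail attachment names whose real (last) extension is
# executable while an earlier segment imitates a document type.

# Assumed, non-exhaustive lists; tune them for your environment.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "jar"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt", "zip"}


def classify_attachment(filename):
    """Return 'double-extension', 'executable' or 'ok' for one attachment name."""
    # Keep only the last path component, whichever separator the sender used.
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows ignores trailing dots and spaces, so "a.pdf.exe. " still runs as .exe.
    name = name.rstrip(" .").lower()
    # Trim each segment so whitespace around a dot cannot hide an extension.
    segments = [s.strip() for s in name.split(".")]
    if len(segments) < 2 or segments[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # The last segment decides what Windows does; earlier ones are only cosmetic.
    if any(s in DECOY_EXTS for s in segments[1:-1]):
        return "double-extension"
    return "executable"


def scan(filenames):
    """Return {filename: verdict} for every name that is not 'ok'."""
    verdicts = {f: classify_attachment(f) for f in filenames}
    return {f: v for f, v in verdicts.items() if v != "ok"}


# Constructed sample attachment names (not taken from real messages).
SAMPLES = [
    "UPS_Tracking_Details.pdf.exe",
    "FedEx_Label.PDF .scr",
    "statement.pdf",
    "report.v2.final.pdf",
    "installer.exe",
    "scans/invoice.doc.exe. ",
]

if __name__ == "__main__":
    for name, verdict in scan(SAMPLES).items():
        print(f"{verdict:17} {name!r}")
```

A mail gateway or mailbox rule would quarantine anything that comes back as `double-extension` and hold plain `executable` attachments for review.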
Here's another good video with instructions on how to get rid of it:
The Cryptolocker!
I found a guy on the internet who intentionally picked up this virus and reverse engineered it. He then sent it to those who were holding his "files" ransom as some kind of tag along on his bitcoin payment. The hilarity ensued, he tweaked CryptoLocker to lock their bitcoin wallet. The hackers then sent him all sorts of threatening communication. It was one of the funniest white hat attacks I have seen in a long time. I'll try and find it again and post it on here. But if you do get hit with this, take the earliest instance of system restore you can. CryptoLocker won't always instantly lock up your computer, oftentimes it is tweaked to take effect after X restarts.
Really heartwarming to see such honor among thieves...renews my faith in humanity.
Also I just operate under the assumption that everything is some sort of virus, and it's up to the sender or source to prove to me otherwise. Guilty until proven innocent.
Hey @"Edmundo Braverman"
For someone who really doesn't want to pay $100 (or whatever it is) per year for Norton or McAfee, how would you recommend that the average person protect themselves with an anti-virus?
I've tried a few different things, most of which have given me some sort of headache. Now that I may be using my home computer a little bit more I wanted to have at least some average level of security.
This has pretty much been my strategy. Since I'm not out there downloading much of anything it has worked relatively well thus far, but I'm getting a whole new office setup and am hoping to get a little side business going, so I'm willing to pay a little for protection if it helps.
Unplug your computer from the internet, paint it a nice 70s green color and use it as a side table.
IMHO, AVG is the best free anti-virus software out there. I pay for the premium version and I think it's only like $35 a year, but the free version will do just fine for you:
http://free.avg.com/us-en/homepage
awesome, thanks
What about Microsoft Security Essentials, which is built into Windows 8? Am I wrong in just relying on that?
From what I have read you should be good with that.
Best defense: Buy an Apple
That's a little like saying the best defense against getting a bish pregnant is absti...never mind.
Going by the guise that females are completely clueless, I had a friend that I went to school with who managed to get a virus on her Mac... 3 different times!!! After the third time I told her to never touch a computer again.
I've never seen any group of people mess up computers more than females.
@"Going Concern" @"Edmundo Braverman"
Hahah..