New Threat from the Internet – CryptoLocker

[Image: part of the CryptoLocker demand screen showing the countdown.]

There is a new threat on the block that it is important you know about and protect yourself from.

It is called CryptoLocker and it is a diabolical twist on an old scam. The malware encrypts all of the most important files on your PC – pictures, movie & music files, documents, etc. – as well as any files on any other storage media (USB hard drive or stick), even on other computers connected by a network.

CryptoLocker then demands a ransom payment of over £200 ($300) via Bitcoin or MoneyPak and installs a countdown clock on the victim’s desktop that ticks backwards from 72 hours.

Victims who pay the $300 ransom receive a key that unlocks their encrypted files. Those who let the timer expire are given another chance to pay, but the cost then rises to over £1500; otherwise they risk losing access to their files forever.

As this scam illustrates, relying on antivirus software alone to protect you from attacks is foolhardy. It is also vitally important to have a backup plan, not only for when a malware or hardware disaster strikes, but also for nasty attacks like this one. For example, backing up your files to a USB hard drive is a great idea, but it would not help if the drive is still attached at the time you get infected, because CryptoLocker will encrypt the files on the USB drive as well. As protection against attacks like this, you must remember to turn off or disconnect the drive when you’re not backing up your data.

Threats like these are opportunistic, and as with many modern threats your best protection against them is to employ basic online street smarts. Street smart rule number 1: don’t get casual and blithely open attachments in emails you weren’t expecting, even if they appear to come from someone you know. NEVER OPEN A ZIP FILE ATTACHMENT UNLESS IT WAS PREARRANGED TO BE SENT TO YOU.

I had a client who received an email from one of his clients with a note about an invoice query (zipped). He was not expecting it, but it was not unusual. It was actually this malware; luckily, his Exchange anti-virus had recognised and removed it. But that is just luck: it could just as easily have gone the other way and he could have compromised his business data. THIS IS NOT A VIRUS. As such, normal anti-virus methods of looking for “virus”-like behaviour don’t work, so your anti-virus has to rely on just recognising the malware. New versions of this malware are developed all the time to try to circumvent your anti-virus. That is why it is just luck: older versions will be caught by your anti-virus; the newest ones probably won’t.

CryptoLocker normally arrives in email as an executable file disguised as a PDF, packed into a .zip attachment. A spam run targeting millions of UK consumers prompted a warning from the UK National Crime Agency last week.  The encryption CryptoLocker uses is essentially uncrackable. The Trojan infects systems running Windows 8, Windows 7, Vista, and XP.  “The emails may be sent out to tens of millions of UK customers, but appear to be targeting small and medium businesses in particular,” the UK’s NCA said.
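The delivery method described above (an executable disguised as a PDF inside a .zip attachment) can be checked for without opening anything. The following Python sketch is an added example, not part of the original post: it lists the entries of a ZIP attachment and flags executables, including ones hidden behind a document-style name. The extension lists, the function names and the sample archive are assumptions made for this illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs directly (assumed list for this example, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
# Document extensions typically used as the decoy part of a file name.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}


def check_zip_attachment(data):
    """Return a list of (entry name, reason) for suspicious entries in a ZIP."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [("<attachment>", "unreadable ZIP")]
    findings = []
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            # Windows ignores trailing dots and spaces, so drop them first.
            name = info.filename.rstrip(" .")
            exts = [s.strip().lower() for s in PurePosixPath(name).suffixes]
            # Encrypted entries (flag bit 0) cannot be read; names still can.
            head = b"" if info.flag_bits & 0x1 else archive.open(info).read(2)
            if exts and exts[-1] in EXECUTABLE_EXTS:
                disguised = len(exts) > 1 and exts[-2] in DECOY_EXTS
                reason = "executable disguised as document" if disguised else "executable file"
                findings.append((info.filename, reason))
            elif head == b"MZ":
                # Windows executables start with the bytes "MZ" whatever the name.
                findings.append((info.filename, "executable content, misleading name"))
    return findings


def build_sample_zip():
    """Constructed sample: harmless placeholder bytes, not real malware."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Invoice_2013.pdf.exe", b"MZ placeholder")
        zf.writestr("notes.txt", b"plain text")
        zf.writestr("statement.pdf", b"MZ placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for entry, reason in check_zip_attachment(build_sample_zip()):
        print(entry, "->", reason)
```

A check like this only looks at names and the first two bytes of each entry, so it complements anti-virus scanning and the "don’t open unexpected ZIP files" rule rather than replacing them.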

[Image: CryptoLocker message screenshot]

Emails to Watch out for

Watch for emails that appear to come from UPS, FedEx or Companies House, and the list is growing. Beware of ANY email containing an attachment, especially if it is a ZIP file. Delete the email. If you get infected, the Trojan will not let you know until after it has encrypted all your data. Do not take any chances, and make sure your anti-virus is completely up to date. Take a backup of all your data on a USB drive, then disconnect it and put it somewhere safe. I am not usually one to get worried by malware and viruses, but this one has the potential to cause a lot of problems to a lot of people, and judging by the amount of money the perpetrators are making, there will be lots of copy-cats.
