Back up your files “CryptoLocker” is coming to a PC near you

CryptoLocker is a ransomware virus created by criminals. It is being distributed using exploits in your computer security due to out-dated software. Common source of exploit are infected email messages, malicious websites and drive-by downloads.

Notice that as exploit kits rely on out-dated software to infiltrate one’s computer, keeping your operating system and all of the installed programs up-to-date could highly decrease the risk of getting one’s PC infected with such ransomware viruses.


As Windows XP gets to the end of it’s supported life in April 2014 we can expect to see more of these vulnerabilities used.
After successful infiltration CryptoLocker encrypts files on the infected machine and demand to pay a ransom of  $/£ 300  in order to unblock the computer and decrypt the files.

Paying this fine would be equal to sending one’s money to Cyber criminals and there are no guarantees that your files will ever be decrypted. In ideal situation owners of the infected computer should remove this virus and should recover their files from the backup.

CryptoLocker encrypts various types (.doc .xls .ppt .eps .ai .jpg .srw .cer) of files found on the compromised machine. Notice that while the removal process of this virus is not very complicated at the time of writing this article there are no known tools which could decrypt the encrypted files.

ie this means if you do not have a back up you have lost your files


Update 18/9/2013

Vista Business and Ultimate, and all versions of Win 7 have a feature called “Previous Version it is turned on by default, they just don’t provide an interface for it. A freeware program called “Shadow Explorer” provides that interface. Using Shadow Explorer, I was able to grab three day old “Previous Versions” of all the customer’s data.

Also a similar version in Windows 8

This entry was posted in malware, Misc, Security and tagged , , , , . Bookmark the permalink.

3 Responses to Back up your files “CryptoLocker” is coming to a PC near you

  1. Almost a 1/4 million PCs have been infected with the cryptolocker malware.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s