CryptoLocker is a ransomware virus created by criminals. It is distributed through exploits that take advantage of security holes in out-of-date software on your computer. Common sources of these exploits are infected email messages, malicious websites and drive-by downloads.
Because exploit kits rely on out-of-date software to infiltrate a computer, keeping your operating system and all installed programs up to date can greatly reduce the risk of your PC being infected with such ransomware viruses.
As Windows XP gets to the end of its supported life in April 2014, we can expect to see more of these vulnerabilities used.
After successful infiltration, CryptoLocker encrypts files on the infected machine and demands a ransom of $/£300 in order to unblock the computer and decrypt the files.
Paying this fine would be equal to sending your money to cyber criminals, and there is no guarantee that your files will ever be decrypted. Ideally, owners of an infected computer should remove the virus and recover their files from a backup.
YOU DO HAVE A BACKUP OF YOUR FILES, DON’T YOU??
CryptoLocker encrypts various types of files (.doc .xls .ppt .eps .ai .jpg .srw .cer) found on the compromised machine. Note that while removing this virus is not very complicated, at the time of writing this article there are no known tools that can decrypt the encrypted files.
That is, if you do not have a backup, you have lost your files.
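To work out which files need to come back from backup, the following added example (not part of the original article) walks a folder and flags files with the extensions listed above whose first bytes no longer match their format. It goes beyond the text by assuming an encrypted file keeps its name but loses its normal header; the signature table and function names are this example's own.

```python
import os
import tempfile

OLE = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy Office container
# Extensions from the article -> leading bytes of a healthy file.
# The signature list is this example's assumption and is not exhaustive.
SIGNATURES = {
    ".doc": [OLE], ".xls": [OLE], ".ppt": [OLE],
    ".eps": [b"%!PS", b"\xc5\xd0\xd3\xc6"],
    ".ai": [b"%PDF", b"%!PS"],
    ".jpg": [b"\xff\xd8\xff"],
    ".srw": [b"II*\x00", b"MM\x00*"],      # TIFF-based raw image
    ".cer": [b"\x30\x82", b"-----BEGIN"],  # DER or PEM certificate
}

def header_ok(path):
    """True/False for a listed extension, None when the type is not checked."""
    ext = os.path.splitext(path)[1].lower()
    if ext not in SIGNATURES:
        return None
    with open(path, "rb") as fh:
        head = fh.read(16)
    return any(head.startswith(sig) for sig in SIGNATURES[ext])

def triage(root):
    """Return sorted relative paths under root whose header does not match."""
    suspect = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            try:
                if header_ok(full) is False:
                    suspect.append(os.path.relpath(full, root))
            except OSError:
                continue  # unreadable file: skip instead of aborting the scan
    return sorted(suspect)

def demo():
    """Run the triage over a constructed sample tree (not real victim data)."""
    scrambled = bytes((i * 37 + 11) % 256 for i in range(32))
    samples = {"report.doc": OLE + b"\x00" * 8,
               "photo.JPG": b"\xff\xd8\xff\xe0\x00\x10JFIF",
               "budget.xls": scrambled, "scan.jpg": scrambled,
               "notes.txt": scrambled}  # .txt is not in the list: ignored
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return triage(root)
```

A flagged file is only a candidate for restoring; a file that was already corrupt or mislabelled before the infection is flagged too.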
Vista Business and Ultimate, and all versions of Win 7, have a feature called “Previous Versions”. It is turned on by default; they just don’t provide an interface for it. A freeware program called “Shadow Explorer” provides that interface. Using Shadow Explorer, I was able to grab three-day-old “Previous Versions” of all the customer’s data.
There is also a similar version in Windows 8.