CryptoLocker is arguably one of the worst pieces of malware that we have seen in a long time. The program has caused thousands of computers to lose their important data as part of a scam.
Once it is on your computer, CryptoLocker encrypts your entire drive and hides the key, so that the program is the only one that can access it. This means that your data is essentially locked down, and you have no real way to retrieve it unless you pay or use a system restore.
The malware was designed to get money from a person, whether in the form of Bitcoins or MoneyPak dollars: you have to pay the author anywhere between 100 and 300 dollars of this currency. Keep in mind that you can’t access the internet on that computer while you have this malware, which means that you would have to go to another computer if you chose to pay the author. I advise against giving the author any money; instead, try to do a system restore on the computer.
The reason you can’t just run a scan to remove it is that the program can’t be removed once it has control, except through a system restore. Essentially, CryptoLocker gets onto the computer and encrypts all the data, which means that it scrambles the data to where only whoever holds the key (CryptoLocker) can get access to the files. They then charge you to get the key back, so you can’t really run or install an antivirus program on a computer where you don’t have the key. This is where the system restore comes in: you essentially have to make Windows roll back to an earlier date on your computer. There is another, more technical way: trying to use brute force to obtain the keys, which use 2048 encryption, in the hope of getting a copy of that key. However, the technology to do this does not exist for the average home user, and it is extremely difficult to do.
Now preventing the program is where things get even more interesting.
1. Download and keep an updated antivirus program. Below we have some free solutions that we recommend.
- Avast Free Antivirus
- Bitdefender Free Antivirus
- 360 Internet Security
- Comodo Internet Security
2. Don’t open any suspicious emails. For instance, an email saying “I can’t believe that! That was so funny.” or something else extremely generic from a sender you don’t know. Don’t open it unless you know it is safe and you were expecting it.
3. Download CryptoPrevent, a nice little program developed by Foolish IT that was meant to protect against the CryptoLocker malware.
CryptoLocker has no real cure, and it is something that antivirus companies can’t really prevent, other than by stopping the files that it is known to edit from being edited. However, this is exactly what CryptoPrevent does, so it would be a wasted effort.
We also recommend that you don’t try to analyse the software at home unless you know how to properly set up a testing environment without putting the host machine in any sort of danger.