CryptoLocker, The Scariest Virus I've seen.

3link9

There's this new malware that was just recently seen a couple of days ago and it could be the scariest computer malware seen yet. It can encrypt all your files and is very easy to work around an anti-virus just by changing its .exe by the looks of it. It is EXTREMELY hard to remove and according to my sources that I'll post below, basically so far the only way to decrypt your files is by paying the ransom.


Its discussion recently popped up on Bleeping Computer, which you can check out in the Main Discussion - Here, and this one also gives a sense of how hard it is: Here

Also after researching this a bit I found a video Matt from R-M just made right here:

It seems bad. What do you guys think?
 
Can't play the video: "An error occurred, please try again later". I've noticed YT breaks a lot recently, from not loading videos and comments to blank pages. :-/

Anyway, thanks for posting. I'll watch it when Youtube wants to work again.

Edit: Interesting indeed. :D
 
New blog post from Emsisoft containing details about it:
http://blog.emsisoft.com/2013/09/10/cryptolocker-a-new-ransomware-variant/
 
Anyone have a chance to test this on WSA?
If I understand everything correctly, the malware needs to establish a connection with its "mothership" (server), and WSA does not allow outgoing connections from unknown apps.
Would this make WSA (or their users) immune to these kinds of threats?

/W
 
Apparently there is a workaround to get the files back using the Previous Versions feature in Windows 7 and Vista and it works. More details on Technibble:

http://www.technibble.com/forums/showthread.php?p=393359#post393359

Also someone from Technibble posted it on Bleeping Computer, if anyone from here is following their thread :)

http://www.bleepingcomputer.com/forums/t/506924/cryptolocker-hijack-program/page-17

edit:

Just stating the obvious but, oh well... :)
In order to have Previous Versions working, System Restore must not be disabled.
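
The Previous Versions workaround discussed above only helps on volumes that actually hold shadow copies. The following is an added example, not code from any poster in this thread, that reports which local drives have snapshots available. The function name `Get-PreviousVersionReadiness` and the `StaleAfterDays` threshold are hypothetical choices made for illustration.

```powershell
# Added example: report, per local volume, whether any shadow copies exist.
# Previous Versions has nothing to restore on a volume without them.
# Run from an elevated PowerShell prompt; Win32_ShadowCopy requires admin rights.

function Get-PreviousVersionReadiness {
    [CmdletBinding()]
    param(
        # Assumption: a newest snapshot older than this many days is flagged as stale.
        [int]$StaleAfterDays = 7
    )

    $shadows = @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction Stop)
    $volumes = Get-CimInstance -ClassName Win32_Volume -Filter 'DriveType = 3' |
        Where-Object { $_.DriveLetter }

    foreach ($vol in $volumes) {
        # Win32_ShadowCopy.VolumeName holds the volume GUID path, which
        # Win32_Volume exposes as DeviceID.
        $forVolume = @($shadows | Where-Object { $_.VolumeName -eq $vol.DeviceID })
        $newest = $forVolume | Sort-Object InstallDate -Descending |
            Select-Object -First 1

        $status = if ($forVolume.Count -eq 0) {
            'NoSnapshots'   # nothing for Previous Versions to offer
        } elseif ($newest.InstallDate -lt (Get-Date).AddDays(-$StaleAfterDays)) {
            'Stale'         # snapshots exist but predate recent work
        } else {
            'OK'
        }

        [pscustomobject]@{
            Drive          = $vol.DriveLetter
            Snapshots      = $forVolume.Count
            NewestSnapshot = $newest.InstallDate
            Status         = $status
        }
    }
}

Get-PreviousVersionReadiness | Format-Table -AutoSize
```

A drive reported as `NoSnapshots` has no earlier file versions to fall back on, so it depends entirely on separate backups.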