- Aug 26, 2012
- 262
SophosLabs has asked us to remind you about a destructive malware threat that calls itself CryptoLocker.
Sophos Anti-Virus detects it by the name Troj/Ransom-ACP, because that's exactly what it does: holds your files to ransom.
Demanding money with menaces
Malware that encrypts your data and tries to sell it back to you, or else, is not new.
In fact, one of the earliest pieces of malware that was written specifically to make money, rather than simply to prove a point, was the AIDS Information Trojan of 1989.
That Trojan scrambled your hard disk after 90 days, and instructed you to send $378 to an accommodation address in Panama.
The perpetrator, one Dr Joseph Popp, was tracked down in the USA, extradited to the UK to stand trial, displayed increasingly shambolic behaviour, and was ultimately kicked out of Britain and never convicted.
Fortunately, his malware was similarly shambolic: it used simplistic encryption algorithms, and every computer was scrambled in the same way, so free tools for cleanup and recovery soon became available.
Sadly, the crooks behind the CryptoLocker malware haven't made the same coding mistakes.
The malware seems to do its cryptography by the book, so there is no way to recover your scrambled files once it has triggered. (You could, I suppose, try paying the ransom, but I recommend that you do not.)
Read more: http://nakedsecurity.sophos.com/2013/10/12/destructive-malware-cryptolocker-on-the-loose/
Sophos Anti-Virus detects it by the name Troj/Ransom-ACP, because that's exactly what it does: holds your files to ransom.
Demanding money with menaces
Malware that encrypts your data and tries to sell it back to you, or else, is not new.
In fact, one of the earliest pieces of malware that was written specifically to make money, rather than simply to prove a point, was the AIDS Information Trojan of 1989.
That Trojan scrambled your hard disk after 90 days, and instructed you to send $378 to an accommodation address in Panama.
The perpetrator, one Dr Joseph Popp, was tracked down in the USA, extradited to the UK to stand trial, displayed increasingly shambolic behaviour, and was ultimately kicked out of Britain and never convicted.
Fortunately, his malware was similarly shambolic: it used simplistic encryption algorithms, and every computer was scrambled in the same way, so free tools for cleanup and recovery soon became available.
Sadly, the crooks behind the CryptoLocker malware haven't made the same coding mistakes.
The malware seems to do its cryptography by the book, so there is no way to recover your scrambled files once it has triggered. (You could, I suppose, try paying the ransom, but I recommend that you do not.)
Read more: http://nakedsecurity.sophos.com/2013/10/12/destructive-malware-cryptolocker-on-the-loose/
