The Future of Malware is here – CryptoLocker

Gnosis

Here’s a little “PSA” I made about what I think will be the future of Malware – “Malware that encrypts your data and makes you pay to get it decrypted”. CryptoLocker has been highly successful at making those who are infected pay the ransom.



More:

http://remove-malware.com/announcements/future-malware-cryptolocker/
 
Truly horrible, sure.

On my Windows, the Lanmanserver and Lanmanworkstation services have always been disabled ..

And IE's downloading capability has always been disabled on my Windows - see the topic: Disable File Download IE Tweak: http://malwaretips.com/Thread-Disable-File-Download-IE-Tweak

I watch my internet connections ..

I have the backup.

I never click on email attachments .. .exe, .zip ..

- so what else?
 
CryptoLocker & External Drives???

I keep my backups, shadow copies and the OS on separate and external drives. The external is only attached at the end of my day. Would I know about CryptoLocker prior to plugging in the external USB connection? Or would I end up with BOTH drives being locked up? If the externals were not infected then simply reformatting the hard drive should fix it up, no? Whenever I purchase a program I demand a hard copy disk. An aside: Microsoft would have us download and create our own but will send the disk for a few dollars shipping. I always feel that will be my cleanest reinstall.
 
jenniferatemple said:
I keep my backups, shadow copies and the OS on separate and external drives. The external is only attached at the end of my day. Would I know about CryptoLocker prior to plugging in the external USB connection? Or would I end up with BOTH drives being locked up? If the externals were not infected then simply reformatting the hard drive should fix it up, no? Whenever I purchase a program I demand a hard copy disk. An aside: Microsoft would have us download and create our own but will send the disk for a few dollars shipping. I always feel that will be my cleanest reinstall.

I was also wondering if the malware would spread to your USB or whichever drive, and encrypt that too. Maybe they'll have it spread to your mobile devices and do the same thing to that too, whether you connect it with a wire or if it spreads through wireless communication between phone/PC's.
 
Woow, thank God I have Online Armor protecting me against things like this big one.
 
Gnosis said:
From what I read it will spread to any drive attached to the infected PC.
Another reason to have Sandboxie and not have your usb's set to automatically open.

Better, I think: use MCShield USB Antimalware : http://www.mcshield.net/

Look on this topic: MCShield Anti-Malware: http://malwaretips.com/Thread-MCShield-Anti-Malware
 
My thought was to NOT connect any USB or other drives but rather go straight to reformatting the hard drive and only after that reinstall the OS and then one could safely replace the files from an external drive. I can see nothing wrong with this plan as long as one does not plug into the infected drive.
 
P.S. I do not have other devices to spread to such as cell phones or iPads etc. I only need worry about my PC & hubby's laptop. Also: What about printer firmware!?
 
My thought was to NOT connect any USB or other drives but rather go straight to reformatting the hard drive and only after that reinstall the OS and then one could safely replace the files from an external drive. I can see nothing wrong with this plan as long as one does not plug into the infected drive.

Good point. I heard Matt Rizos talking about it and he stated the gist, which is that EVERYONE needs to have a viable backup option these days. He says that this is the first malware that has freaked him out a little.

Honestly, I don't have backup right now, but my life is not on this PC, so.....
Besides that, I use sandboxing tech all of the time, and I have a wicked BB. Also, I refuse to click on harmful links.
 
We just had this malware hit the university that I work at. It infected one user's machine, then it crossed over (or was moved) to the department's network volume and encrypted all their files before anyone realized it. We have backups and are able to put the volume back, but the user's system is toast.
 
Once infected with this, you can easily remove the Trojan from the system, BEFORE replacing any files with backups. Matter of fact, I would recommend running a scan with an on-demand before going about fixing the damage.