The IT security industry has seen a substantial rise in the propagation of ransomware threats within the last year or so, but the cybercriminals’ recent know-how is alerting both private users and the antivirus software vendors a lot more. What causes such disturbance is the virus called CryptoLocker coming forth, with its tactics and final objectives making it an extremely severe menace in terms of the affected users’ privacy intactness.
First detected around the beginning of September 2013, CryptoLocker leverages stealthy social engineering techniques to get installed onto computers. The fraudsters are sending emails to organizations disguised to look as if they were from legit services such as FedEx, UPS and the like.
Once the attachments in these emails are opened by the unsuspecting users, the malicious code gets executed on the targeted system, and CryptoLocker displays an alert saying: “Your personal files are encrypted!” Indeed, the ransomware scans the infected machine for multiple file extensions and encrypts them with a mix of RSA & AES encryption algorithms. This means that decryption is only possible with a private key which is, sadly enough, stored on the criminals’ server.
For the private key to be provided to the victim, a payment of $100-$300 needs to be submitted via Ukash, Bitcoin, MoneyPak or cashU prepaid services within a time span of 96 hours, otherwise file decryption chances literally vanish.
Unfortunatley, no ultimately effective methods has so far been found to restore the encrypted files without having to pay the ransom. While removal of the CryptoLocker virus is not too complicated in itself, getting your files back is quite a challenge. In case of contamination, users are recommended to follow professional guides in order to remove CryptoLocker and recover the most recent versions of encrypted files through sticking to special tips.