There is a new virus doing the rounds on the internet. Known as CryptoLocker, it encrypts your personal data: documents (including PDFs), spreadsheets, photos and some audio. I can confirm that it does not encrypt your computer, only your personal data.
Every time you boot up your computer, you are presented with a window notifying you that your personal data has been encrypted. The only way to get it back is to pay a ransom of two bitcoins (which at the time of writing is approximately £1000). After you pay the ransom, you get what CryptoLocker calls a private key, which is used to decrypt your personal data. You will have 72 hours to pay the ransom.
If you choose not to pay the ransom, then your personal data is gone. You can plead as much as you want, but the server which stores the “private key” destroys the automatically generated private key after a certain amount of time.
At the time of writing, I can confirm that any data on a Windows PC can be infected. Companies that have their own network shares, where employees store their documents, are also at risk from this virus. I can also report that USB flash drives and external hard drives can be infected by CryptoLocker. Basically, anything that can be seen as an accessible hard drive (network attached storage, network shares etc.) can be infected by CryptoLocker. At the time of publishing, those of you on a Mac or a Linux computer cannot be infected.
This raises the question: what can you do to protect yourself from this virus?
First of all, make sure you have a good internet security package. I would recommend using ESET’s NOD32 or ESET Cybersecurity for Mac. Alternatively, use Kaspersky Internet Security.
The second thing you should do is be careful when reading emails. If you are not expecting an email from someone, then don’t open it. If you’re not expecting someone to send you an email containing a document or picture (or any other file), don’t open it. Instead, delete it or report it as spam.
Most important of all, back up your data to an external hard drive or even to something like Carbonite. CryptoLocker will only grab files on anything that can be mapped to a drive letter (e.g. the ‘C’ drive, ‘D’ drive and so on). This includes the hard drive in your computer, any network shares (folders stored on a server at work that are mapped to a drive letter) and any external hard drive mapped to a computer.
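To see which of your drives fall into that category, the following PowerShell script lists everything that currently has a drive letter and flags whether your backup drive is among them. It is an added example, not part of the original article; the function name `Get-DriveLetterExposure` and the backup drive letter `E` are assumptions to adjust for your own machine.

```powershell
# Added example: list every volume that currently has a drive letter.
# By the article's description, these are the locations CryptoLocker can reach.
function Get-DriveLetterExposure {
    param(
        # Hypothetical parameter: the letter of your backup drive, e.g. 'E'
        [string]$BackupDriveLetter
    )

    # DriveType values reported by the Win32_LogicalDisk class
    $typeNames = @{
        2 = 'Removable (e.g. USB flash drive)'
        3 = 'Local or external hard drive'
        4 = 'Network share'
        5 = 'CD/DVD'
    }

    Get-CimInstance -ClassName Win32_LogicalDisk | ForEach-Object {
        $letter = $_.DeviceID.TrimEnd(':')
        $type   = [int]$_.DriveType
        [pscustomobject]@{
            Drive    = $_.DeviceID
            Type     = if ($typeNames.ContainsKey($type)) { $typeNames[$type] } else { 'Other' }
            Label    = $_.VolumeName
            # For mapped network drives, ProviderName holds the \\server\share path
            Target   = $_.ProviderName
            SizeGB   = if ($_.Size) { [math]::Round($_.Size / 1GB, 1) } else { $null }
            IsBackup = [bool]($BackupDriveLetter -and
                              $letter -eq $BackupDriveLetter.TrimEnd(':'))
        }
    }
}

# 'E' is an assumed letter; replace it with the letter of your own backup drive.
$drives = Get-DriveLetterExposure -BackupDriveLetter 'E'
$drives | Format-Table -AutoSize

# A backup that is still attached under a drive letter is as reachable
# as the files it is meant to protect.
if ($drives | Where-Object IsBackup) {
    Write-Warning 'The backup drive is attached with a drive letter. Disconnect it once the backup has finished.'
}
```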
If the worst happens and CryptoLocker infects your computer, then do not pay the ransom. I know that it’s easier said than done, but you should never pay the ransom. By paying the ransom, you are only encouraging these criminals to make more of this ransomware. If you lose your files to CryptoLocker, then you will need to wipe your computer clean and re-install Windows.