A New Type of Ransom Ware
On Tuesday October 29th I had about a 2 hour drive to Akron for a meeting. I was listening to Leo Laporte’s “This Week in Tech” Episode 429. At the 30 minute mark (+/-) Leo played a short audio clip of an interview with Steve Gibson of Gibson Research Corp.
They talked about a new form of ransom ware called CryptoLocker. This is a much nastier version of ransom ware as it encrypts ALL of the files on a computer. The bad news is that the ransom ware seeks connected hard drives, USB drives, NAS devices AND shared folders on other computers.
The ransom ware is sent as an email with a link to a bank, PayPal account or even an attached PDF file. All of the links launch an exe file that install the program and encrypts the data. A pop up then displays a message that states that the files have been encrypted and the user has 72 hours to pay $300 or euros or even BitCoins to get a private key to restore all of the files to their original condition.
If the user ignores the warning and the 72 hours expire, the private key is destroyed and can not be regenerated. BAD NEWS!
According to Steve Gibson, the encryption is so complicated that experts are unable to de-crypt files.
So, now more than ever before, be careful with email attachments.
The following article was found at ARS technica: http://arstechnica.com/security/2013/10/youre-infected-if-you-want-to-see-your-data-again-pay-us-300-in-bitcoins/
Updated 10-31-2013 11:45 P.M.
I have had several requests for additional information on the Crypto Locker article since I sent the Communigram notice out this morning.
I found three articles form noted websites that should explain in more depth than my article.
I was interested in a couple of quotes in the article:
“If you haven’t got a backup and you get hit by CryptoLocker, you may as well have dropped your PC over the side of a bridge,” says Paul Ducklin, security adviser for anti-virus software company Sophos.
CryptoLocker currently only affects PCs and can easily be removed with anti-virus software, but its effects cannot. “I don’t think anyone in the world could break the encryption,” says Gavin O’Gorman, spokesman for the internet security firm Symantec.
Here are links to the articles I found.
This past Sunday I updated my website that I own. I had an enjoyable afternoon as I backed up, updated plugins & themes and just generally having a good time.
Today, I had a list of things that I wanted to do to my work website. The phones didn’t ring, I ignored my email for a while and I did not have any interruptions. After spending a couple of hours tweaking pages, proof reading articles, adding images and backing up, I realized why I fell in love with WordPress from the beginning.
IT JUST SEEMS RIGHT!!