Cryptolocker – Everything you need to know

If you’ve been hearing a lot lately about something called Cryptolocker then you’re not alone. We discuss everything you need to know about this emerging form of malware.

Cryptolocker is a new type of malware that’s infecting computers. More specifically, it belongs to a subcategory of malware referred to as ransomware.

Ransomware has been around for a few years now, and is typically characterised by preventing you from logging in to your computer, instead forcing you to a screen that claims you can only regain access to your computer and your files by paying a ransom.

Ransomware can be a pain, but like most types of malware, with a little know-how – perhaps a little guidance from a techie – it can be removed, without the need of paying any ransom.

However Cryptolocker takes ransomware to a new, worrying level. It doesn’t just stop you from logging in to your computer by forcing you to a screen. It doesn’t need to.

That’s because once it infects a computer, Cryptolocker genuinely encrypts all of the files that are stored on it, and holds you to ransom by making you pay for the decryption key. In other words, Cryptolocker is ransomware, but without the bluff. Even if you remove Cryptolocker with antivirus software, you leave behind your encrypted and ultimately useless files.

When it says you need to pay the ransom to see your files again, it means exactly that.


A pop-up warns you that you are infected, and you need to cough up hundreds of dollars to get your files back.

Infection, installation and encryption

Cryptolocker, just like all types of malware, will try and infect a computer using the regular and well-documented methods and tricks.

For example, it can arrive through email attachments, malicious websites or existing malware infections (backdoors and botnets, most popularly through a malware botnet known as Gameover Zeus). Prevention is therefore the same as for other types of malware. This includes running regular detailed scans via your up-to-date antivirus software, and being careful about which websites you visit, which email attachments you open and which files you copy to your computer. Read our article on the most common ways malware infects your computer here.

Once installed, Cryptolocker contacts a “control server” with the identity of your computer and in turn is given an encryption key. Then it sets about encrypting just about any useful file on your computer, including Word documents, spreadsheets, photos and PowerPoint presentations. There are hundreds of different file types that will get encrypted. Basically it doesn’t leave much untouched.


Encrypted files don’t make much sense even if you do manage to open them.

Cryptolocker then duly lets you know what it’s done in the form of a pop-up, and gives you the option to pay up. At the time of writing the cost is $300, payable through money vouchers or Bitcoin. Yes, completely untraceable.

If you’re infected…

If you have become infected and your files are scrambled, your options are limited.

You can remove it, using methods similar to those we’ve already discussed for removing most types of ransomware. But this doesn’t decrypt your files. So you’re left with two choices – delete the files and chalk it up to hard luck and a lesson learned, or risk paying up.

Generally we don’t recommend paying, but then again it’s not our files that have been encrypted. The problem when dealing with criminals is that they’re inherently untrustworthy, so there is no guarantee that even if you do pay they’ll give you the decryption key. They may even ask for more money!

If you do pay up, you’re in good company. Even a Massachusetts police department coughed up the ransom.
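Because removing Cryptolocker leaves the scrambled files behind, it helps to know exactly which files were hit. The following is an added example, not part of the original article: a read-only scan that flags documents and photos whose first bytes no longer match their file type. It assumes encrypted files keep their original names and extensions; the function names and the 7.0 bits-per-byte threshold are illustrative choices.

```python
import math
import os
import sys
from collections import Counter

# First bytes a healthy file of each type starts with. Office 2007+ files
# are ZIP containers; older Office files use the OLE2 container format.
ZIP, OLE = b"PK\x03\x04", b"\xd0\xcf\x11\xe0"
MAGIC = {
    ".docx": ZIP, ".xlsx": ZIP, ".pptx": ZIP,
    ".doc": OLE, ".xls": OLE, ".ppt": OLE,
    ".pdf": b"%PDF", ".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
}

def entropy(data):
    """Shannon entropy in bits per byte; 8.0 looks like pure random data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify(name, head):
    """Judge a file from its name and first bytes."""
    sig = MAGIC.get(os.path.splitext(name)[1].lower())
    if sig is None:
        return "unknown-type"
    if head.startswith(sig):
        return "ok"
    # Healthy JPEG/DOCX bodies are compressed and also high-entropy, so the
    # header is checked first; entropy only separates ciphertext from misnaming.
    return "likely-encrypted" if entropy(head) > 7.0 else "mismatch"

def scan(root, sample=4096):
    """Walk root without modifying anything; return {path: verdict}."""
    report = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            try:
                with open(path, "rb") as fh:
                    report[path] = classify(name, fh.read(sample))
            except OSError:
                report[path] = "unreadable"
    return report

if __name__ == "__main__":
    for path, verdict in sorted(scan(sys.argv[1] if len(sys.argv) > 1 else ".").items()):
        if verdict != "ok":
            print(verdict, path)
```

Files smaller than a few hundred bytes cannot reach the entropy threshold and are reported as `mismatch`, so review those entries as well.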

Prevention

We already mentioned that the way Cryptolocker installs itself is essentially the same as other types of malware, so the typical “be aware – be careful – have up-to-date security software installed” advice applies as it would with any other type of malware.

And of course if you’re not technically savvy then we do strongly recommend installing security software on your computer that can detect this type of threat before it is too late – and yes our editor’s choice software for 2014/2015 can protect you from this threat – so if it’s time to update your security software for 2015, then click here.

And it might also be a good time to back up those important files on a detachable storage device!

Have you experienced Cryptolocker? Have any unanswered questions? Let us know below.

Published by
Craig Haley