FlyerTalk Forums

Landing Gear Nov 22, 2013 11:42 pm

Cryptolocker: How To Avoid It, What To Do If You Get It
 
This question came up in a thread I started this week, Hacked By Ransomware, although "ransomware" and Cryptolocker are different.

Ransomware prevents you from using your computer unless you pay. But since the files are still intact, it may be possible to retrieve them.

About Cryptolocker, USA Today said:


This diabolically nasty malware locks up all of the victim’s personal files — and in some cases, backup files, too — with state-of-the-art encryption. The bad guys have the only decryption key and they demand $300 or two Bitcoins to get it.

An interesting web page, http://www.bleepingcomputer.com/viru...re-information, responds to a question in the other thread:


How do you become infected with CryptoLocker
This infection is typically spread through emails sent to company email addresses that pretend to be customer support related issues from Fedex, UPS, DHS, etc. These emails would contain a zip attachment that when opened would infect the computer. These zip files contain executables that are disguised as PDF files as they have a PDF icon and are typically named something like FORM_101513.exe or FORM_101513.pdf.exe. Since Microsoft does not show extensions by default, they look like normal PDF files and people open them.

Within the FT community and particularly the regular users of Travel Technology, there is a great deal of expertise. Moreover, many users have access to corporate IT and security departments and other computer and network specialists.

It is my hope that this thread can serve as a repository of information until this malicious piece of malware is eradicated.

Editorial note: I'd like the people running this scam rounded up and sent to GITMO, but that's just me.

cheltzel Nov 23, 2013 7:38 am


Originally Posted by Landing Gear (Post 21837263)
I'd like the people running this scam rounded up and sent to GITMO, but that's just me.

Why so nice?

I'm sure that there are suitable prisons in other countries that would be far more appropriate (far less humane).

gfunkdave Nov 23, 2013 8:50 am

Once your files have been encrypted, your only choice is to either pay for the key or wipe your computer and files.

This is why I'm happy most criminals are dumb: smart ones are bad news for everybody.

Loren Pechtel Nov 23, 2013 2:32 pm


Originally Posted by Landing Gear (Post 21837263)
Editorial note: I'd like the people running this scam rounded up and sent to GITMO, but that's just me.

Gitmo is far too nice for them.

nerd Nov 23, 2013 4:02 pm


This infection is typically spread through emails sent to company email addresses that pretend to be customer support related issues from Fedex, UPS, DHS, etc. These emails would contain a zip attachment that when opened would infect the computer. These zip files contain executables that are disguised as PDF files as they have a PDF icon and are typically named something like FORM_101513.exe or FORM_101513.pdf.exe. Since Microsoft does not show extensions by default, they look like normal PDF files and people open them.

Doesn't this depend on whether your email client (whether it's desktop-based or browser-based) shows extensions? Or are they saying that Microsoft Outlook doesn't show extensions?

Another reason to ditch Outlook, OP.

Always Flyin Nov 23, 2013 5:55 pm

Outlook shows file extension names.

Here it is a .zip file. You can see that, but when you open the .zip file, you can't see the extension of the compressed file.

That has nothing to do with Outlook.
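
Added example, not part of any poster's message: a Python check for the disguise described in the quoted BleepingComputer text and in the post above. It lists the members of a zip attachment and flags executable or double extensions, plus Windows executable headers whatever the file is called. The extension sets and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed, non-exhaustive sets chosen for this example.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}


def inspect_zip(data: bytes) -> list:
    """Return one finding per suspicious member of a zip attachment."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = PurePosixPath(info.filename.replace("\\", "/")).name
            suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
            reasons = []
            if suffixes and suffixes[-1] in EXECUTABLE_EXTS:
                reasons.append("executable extension " + suffixes[-1])
                if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
                    # What the user sees when known extensions are hidden.
                    shown = name[: -len(suffixes[-1])]
                    reasons.append("double extension, shown as " + shown)
            # Encrypted members cannot be read without the password,
            # so only their names are checked.
            if not info.flag_bits & 0x1:
                with zf.open(info) as member:
                    # Windows executables start with "MZ" whatever the name.
                    if member.read(2) == b"MZ":
                        reasons.append("PE header (MZ)")
            if reasons:
                findings.append({"name": name, "reasons": reasons})
    return findings


def build_sample() -> bytes:
    """Constructed sample archive; contents are harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("FORM_101513.pdf.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("invoice.pdf", b"%PDF-1.4\n")
        zf.writestr("readme.pdf", b"MZ" + b"\x00" * 62)  # executable renamed to .pdf
    return buf.getvalue()


if __name__ == "__main__":
    for f in inspect_zip(build_sample()):
        print(f["name"], "->", "; ".join(f["reasons"]))
```
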

ScottC Nov 23, 2013 8:28 pm

Q: Cryptolocker: What To Do If You Get It

A: Restore your backup from last night.

Landing Gear Nov 23, 2013 9:35 pm


Originally Posted by Landing Gear (Post 21837263)
Editorial note: I'd like the people running this scam rounded up and sent to GITMO, but that's just me.


Originally Posted by cheltzel (Post 21838252)
Why so nice?

I'm sure that there are suitable prisons in other countries that would be far more appropriate (far less humane).


Originally Posted by Loren Pechtel (Post 21840189)
Gitmo is far too nice for them.

Agreed. How about reopening Alcatraz or Devil's Island?


Originally Posted by nerd (Post 21840650)
Doesn't this depend on whether your email client (whether it's desktop-based or browser-based) shows extensions? Or are they saying that Microsoft Outlook doesn't show extensions?

Another reason to ditch Outlook, OP.


Originally Posted by Always Flyin (Post 21841183)
Outlook shows file extension names.

Here it is a .zip file. You can see that, but when you open the .zip file, you can't see the extension of the compressed file.

That has nothing to do with Outlook.

I'm reasonably happy with Outlook. I use it daily.


Originally Posted by ScottC (Post 21841972)
Q: Cryptolocker: What To Do If You Get It

A: Restore your backup from last night.

Because of course, everyone has a daily backup, since making daily backups can be done very easily without spending much money on hardware and software. What planet are you living on? :)

nkedel Nov 23, 2013 10:32 pm


Originally Posted by Landing Gear (Post 21842229)
Because of course, everyone has a daily backup, since making daily backups can be done very easily without spending much money on hardware and software. What planet are you living on? :)

The software is free, and built into any version of Windows since at least XP (the Windows Backup in NT 4.0 and earlier was tape-specific. Not sure about 2000, or if it was in 95/98/Me at all.) It's not super from any perspective, but it's there and it's reasonably easy.

The hardware is typically one external drive, cost between $70-$300 (at the higher end, it's a basic single-drive NAS; at the lower end, it's just USB.)

On a desktop, it's trivial; just schedule it, and leave it on overnight.

On a laptop, remembering to power it back up, and either connecting the drive or connecting it to a wired network (unless your volume of new files is quite low, in which case wireless might work) is tougher, but more in terms of habit vs. automation than actual practicalities.

On the road, it's much tougher. OTOH, images, say, monthly, and then using Dropbox or similar for your most critical documents day to day will cover most of it.

Still not easy, but it's mostly a matter of habit and time rather than software or hardware.

YVR Cockroach Nov 24, 2013 2:14 am

If the Cryptolocker guys or gals and those behind the other ransomware see this, they may well delay the programme actually locking you out until they're made certain your backups are also infected (assuming the payload can avoid detection).

cheltzel Nov 24, 2013 7:44 am


Originally Posted by YVR Cockroach (Post 21843027)
If the Cryptolocker guys or gals and those behind the other ransomware see this, they may well delay the programme actually locking you out until they're made certain your backups are also infected (assuming the payload can avoid detection).

If I read Landing Gear's original thread correctly, the AV product used was a free version of McAfee. IMO, there are much better products than McAfee.

From my personal experience, you really need to review your anti-malware and internet security software with some frequency. Look at the reviews, compare features, etc.

There are some very good free products available (Avast and AVG come to mind first). Both integrate very tightly with your browser and with something like Outlook (if you use Outlook).

There are also some good personal firewall products. I try to stay behind a firewall appliance when possible.

It is a shame but you really have to assume that you are perpetually in a hostile environment.

WWGuy Nov 24, 2013 10:21 am


Originally Posted by ScottC (Post 21841972)
Q: Cryptolocker: What To Do If You Get It

A: Restore your backup from last night.


Originally Posted by Landing Gear (Post 21842229)
Because of course, everyone has a daily backup, since making daily backups can be done very easily without spending much money on hardware and software. What planet are you living on? :)

Actually many of us enlightened Earthlings do perform daily backups to avoid unexpected data loss.

2TB USB desktop and portable backup solutions, including automated backup software, are available for less than $100. The Seagate Backup Plus family of products is just one example.

The cost is minimal. The initiative and discipline to perform daily backups is priceless.

chx1975 Nov 24, 2013 12:33 pm

I am using Crashplan. And there's a spare T420 laptop in the bedroom closet. I use Linux but that's beyond the question -- if anything happens to this laptop, hacked, stolen, broken, burns down in a fire, I can be back on where I was within the few hours it takes for Crashplan to download files.

Landing Gear Nov 24, 2013 12:42 pm


Originally Posted by cheltzel (Post 21844041)
If I read Landing Gear's original thread correctly, the AV product used was a free version of McAfee. IMO, there are much better products than McAfee.

Sorry, no. I never said that. In fact, I spoke of speaking on the phone with McAfee's alleged "tech support" in India. They charge for this.

Here is what I have been using at $35 a machine per year, McAfee SaaS Endpoint Protection.


Originally Posted by cheltzel (Post 21844041)

From my personal experience, you really need to review your anti-malware and internet security software with some frequency. Look at the reviews, compare features, etc.

Please see my new thread: http://www.flyertalk.com/forum/trave...l#post21845570

Originally Posted by WWGuy (Post 21844848)
Actually many of us enlightened Earthlings do perform daily backups to avoid unexpected data loss.

2TB USB desktop and portable backup solutions, including automated backup software, are available for less than $100. The Seagate Backup Plus (http://www.seagate.com/external-hard-drives/portable-hard-drives/standard/backup-plus/) family of products is just one example.

The cost is minimal. The initiative and discipline to perform daily backups is priceless.

Take me to your leader. :)

But let's face reality. Many people are almost glued to their laptops all day long. Full backups take hours. When you are done with your laptop, late at night (since you know you will not be able to use it until the next morning), many people are too tired to plug in a drive and start things up.

DenverBrian Nov 24, 2013 6:23 pm


Originally Posted by Landing Gear (Post 21845625)
But let's face reality. Many people are almost glued to their laptops all day long. Full backups take hours. When you are done with your laptop, late at night (since you know you will not be able to use it until the next morning), many people are too tired to plug in a drive and start things up.

Which is why I depend on a) a weekly backup, which is plenty for the work I do, and b) reasonable anti-virus/anti-malware software.

Oh, and c) Being VERY suspicious of files of the type mentioned as the ones used by the encrypter clowns.

