A TIP FROM SENIORTECH

ALERT: New Virus Demands Ransom for Your Data

A new type of malware is developing that renders computers unusable until their owners pay a ransom. Worse, the latest example of such ransomware will be sold for as little as twenty-five bucks to anyone who wants easy money. We could be in for a massive wave of cyber-blackmail. Here's what you need to know...

Ransomware Encrypts Data Until You Pay

Ransomware is not a new concept. The so-called "FBI fine" malware has been around for a few years; it displays a message, purportedly from the FBI or other law enforcement agency, accusing the user of a cyber-crime and preventing any use of the machine until the user pays a "fine" electronically. This type of ransomware does not damage a computer; it only locks a user out. But the latest generation of malware now spreading goes further...

The CryptoLocker virus covertly encrypts all user data on Windows computers with the practically unbreakable Blowfish algorithm, a public/private key encryption method. Affected files include the user's Word documents, spreadsheets, PowerPoint presentations, databases, photographs, and emails.

CryptoLocker and PowerLocker

When the encryption process is finished, CryptoLocker displays a message telling the user, "We got ya," and how to pay a ransom in order to obtain the private key necessary to unlock his/her data. The scammers will not accept payment via credit card or PayPal, which can be traced to the account owners. They demand payment via anonymous cash services such as Bitcoin or MoneyPak. This makes it harder for authorities to follow the money trail and find the perpetrators.

CryptoLocker was developed and deployed by a small group of cyber-criminals, but it has managed to infect an estimated 250,000 computers since September, 2013. It can attack in a variety of ways, including compromised websites, rogue downloads from file sharing services, and phishing emails that purport to be from your bank, FedEx, UPS, or some other well-known business entity.

A Growing Threat

A new, "improved" version of the same despicable idea is being developed for sale to all comers, which could mean thousands of bad guys distributing an even more destructive ransomware package. PowerLocker, as this malware is called, encrypts user data and also prevents the user from doing anything except interact with the ransom payment screen, a combination of CryptoLocker and the FBI ransomware tactics. To further limit what can be done with an infected machine, PowerLocker will disable the Alt-Tab, Windows and Escape keys, and prevent the user from running Task Manager, Registry Editor, MSConfig, and Command Prompt windows.

A group of volunteer "white hats," security experts who combat malware as a matter of principle, discovered the plot to create PowerLocker while monitoring hacker forums. The group, known as "Malware Must Die" or MMD, published its findings to warn the security software developers and end users of this new, alarming threat.

I will note that so far, all we have is talk about PowerLocker and plans to sell it for as little as $25. No one has seen the ransomware in action. It could be just a bluff, a troll of the security community. But if it's real, it could be a very big problem.

Preventing CryptoLocker and Similar Infections

What can you do to protect against this threat and others like it? Just keep doing what I have always advised: keep your operating system and anti-malware applications up to date; avoid suspicious Web sites, emails, and other contacts with the online world "out there;" and use common sense when it comes to installing unknown software or opening email attachments from strangers.

You may see products advertised that claim to protect you from CryptoLocker and related threats. But if you're not careful, you could end up installing a "wolf in sheep's clothing" virus that does just the opposite. The good news is that almost all commonly used anti-virus programs will block CryptoLocker from attacking. (You ARE using a good anti-virus program. RIGHT?)

If you do get infected by CryptoLocker, PowerLocker or some other virus that attacks by encrypting your files, should you pay the ransom to regain access to your files? Although I've heard that it does work, my advice is NO! Doing so only encourages more cybercrime activity. You can either wipe your hard drive and reinstall, or make sure today that you have a complete backup that enables you to restore everything. You HAVE been making regular backups of all your valuable files, RIGHT??

(If not, give me a call at 315-986-9977 or email me, and I'll stop by your house to help you back up your irreplaceable family pictures, etc.)

(Thanks to Bob Rankin for this valuable information)

Jerry Taylor
SeniorTech
http://www.seniortech.us
Personalized In-Home Computer Lessons for Senior Citizens and Retirees
315-986-9977
"Computers are not just for kids"