[SeniorTech] A TIP FROM SENIORTECH

  • From: "Jerry Taylor" <jerry@xxxxxxxxxxxxx>
  • To: <jerry@xxxxxxxxxxxxx>
  • Date: Fri, 24 Jan 2014 17:21:26 -0500

ALERT: New Virus Demands Ransom for Your Data

 

A new type of malware is developing that renders computers unusable until
their owners pay a ransom. Worse, the latest example of such ransomware will
be sold for as little as twenty-five bucks to anyone who wants easy money.
We could be in for a massive wave of cyber-blackmail. Here's what you need
to know...

Ransomware Encrypts Data Until You Pay

Ransomware is not a new concept. The so-called "FBI fine" malware has been
around for a few years; it displays a message, purportedly from the FBI or
other law enforcement agency, accusing the user of a cyber-crime and
preventing any use of the machine until the user pays a "fine"
electronically. This type of ransomware does not damage a computer; it only
locks a user out. But the latest generation of malware now spreading goes
further...

The CryptoLocker virus covertly encrypts all user data on Windows computers
with the practically unbreakable Blowfish algorithm, a public/private key
encryption method. Affected files include the user's Word documents,
spreadsheets, PowerPoint presentations, databases, photographs, and emails.

When the encryption process is finished, CryptoLocker displays a message
telling the user, "We got ya," and how to pay a ransom in order to obtain
the private key necessary to unlock his/her data.

The scammers will not accept payment via credit card or PayPal, which can be
traced to the account owners. They demand payment via anonymous cash services
such as Bitcoin or MoneyPak. This makes it harder for authorities to follow
the money trail and find the perpetrators.

CryptoLocker was developed and deployed by a small group of cyber-criminals,
but it has managed to infect an estimated 250,000 computers since September
2013. It can attack in a variety of ways, including compromised websites,
rogue downloads from file sharing services, and phishing emails that purport
to be from your bank, FedEx, UPS, or some other well-known business entity.

A Growing Threat

A new, "improved" version of the same despicable idea is being developed for
sale to all comers, which could mean thousands of bad guys distributing an
even more destructive ransomware package. PowerLocker, as this malware is
called, encrypts user data and also prevents the user from doing anything
except interacting with the ransom payment screen, a combination of the
CryptoLocker and FBI ransomware tactics.

To further limit what can be done with an infected machine, PowerLocker will
disable the Alt-Tab, Windows and Escape keys, and prevent the user from
running Task Manager, Registry Editor, MSConfig, and Command Prompt windows.

A group of volunteer "white hats," security experts who combat malware as a
matter of principle, discovered the plot to create PowerLocker while
monitoring hacker forums. The group, known as "Malware Must Die" or MMD,
published its findings to warn security software developers and end users
of this new, alarming threat.

I will note that so far, all we have is talk about PowerLocker and plans to
sell it for as little as $25. No one has seen the ransomware in action. It
could be just a bluff, a troll of the security community. But if it's real,
it could be a very big problem.

Preventing CryptoLocker and Similar Infections

What can you do to protect against this threat and others like it? Just keep
doing what I have always advised: keep your operating system and
anti-malware applications up to date; avoid suspicious Web sites, emails,
and other contacts with the online world "out there;" and use common sense
when it comes to installing unknown software or opening email attachments
from strangers.

You may see products advertised that claim to protect you from CryptoLocker
and related threats. But if you're not careful, you could end up installing
a "wolf in sheep's clothing" virus that does just the opposite. The good
news is that almost all commonly used anti-virus programs will block
CryptoLocker from attacking. (You ARE using a good anti-virus program.
RIGHT?)

If you do get infected by CryptoLocker, PowerLocker or some other virus that
attacks by encrypting your files, should you pay the ransom to regain access
to your files? Although I've heard that it does work, my advice is NO! Doing
so only encourages more cybercrime activity. You can either wipe your hard
drive and reinstall, or make sure today that you have a complete backup that
enables you to restore everything. 

You HAVE been making regular backups of all your valuable files, RIGHT?? (If
not, give me a call at 315-986-9977 or email me, and I'll stop by your house
to help you back up your irreplaceable family pictures, etc.)

 

(Thanks to Bob Rankin for this valuable information)

 

Jerry Taylor
SeniorTech
http://www.seniortech.us
Personalized In-Home Computer Lessons
     for Senior Citizens and Retirees
315-986-9977
"Computers are not just for kids"
 
 
