Santa Clara University

Information Security Office


Information Security News and Events


CryptoLocker--Nasty Malware

Thursday, Dec. 5, 2013

There has been much press about a nasty piece of malicious software (malware) called CryptoLocker. Here is the rest of the story.

What is CryptoLocker?

CryptoLocker is a particularly malicious ransomware program.

How do you get infected?

CryptoLocker is a trojan horse.  It is typically spread through email attachments and phishing attacks.

What does it do?

After CryptoLocker gets installed, it quietly starts encrypting your files. After it has encrypted enough files, it will present you with a popup window telling you what it has done and instructing you to pay (usually $150-300) if you'd like your files back. You have 72 hrs to comply (though this has changed recently, being more lenient - if you're willing to pay they will take your money and decrypt your files).

How do you protect against CryptoLocker?

CryptoLocker is a serious threat. If you do get infected, you're either going to have to pay the ransom or say goodbye to family photographs and important personal data. We do not recommend that you pay the ransom--these are criminals and have taken credit card numbers without decrypting the data.
 

  1. Keep your operating system (OS) up to date with the latest patches.
  2. Install anti-virus software on your computers if you don't already have it installed. Keep this up to date as well. Here is a link to Symantec’s description of how their software protects against CryptoLocker: http://www.symantec.com/connect/blogs/ransomcrypt-thriving-menace
  3. Make backups of important data on a regular basis.
  4. Only browse to trusted websites.
  5. Only open email attachments or links from trusted sources.


If you think your computer is infected, call the IT service center at (408)554-5700.

To learn much more about CryptoLocker, see this post on the Malwarebytes blog:

http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/

Information Security Office, 1-408-554-5554, iso@scu.edu