Update on Crypto Threats

Computer VirusWhether CryptoLocker, CryptoDefense, CryptoWall or another Crypto-Threat, they encrypt your files and demand a ransom to unencrypt.

As each new Crypto-Threats attack is released, it has new characteristics to avoid detection and cause more damage.  For instance, the type of files that it encrypts has grown and the ransom demands have become more sophisticated.  Early versions had an expiration date beyond which you could not retrieve your files.  Newer versions raise the ransom as time goes by and there have even been reports of victims negotiating payment with the cyber criminals.

As the extortion becomes bolder, victims are hit harder and have to pay more.  Bitcoin has become the ransom payment currency of choice causing speculation that this could damage the Bitcoin brand. The attacks hit the US hardest even though ransom payment had greatly declined.

As Crypto-Threats have expanded their strategy once they gain access to your computer, the way they infect seems constant. Infections are likely caused by:

  • A fake email that causes you to open an attachment
  • A malicious download often from a website that fools you into downloading the threat
  • An infected webpage that uses an exploit to download the malware to your machine

To protect your computer:

  • Have a recent, offline backup
  • Backup your critical data
  • Have a good, recent, offline backup
  • Do not open email attachments that you cannot verify as authentic
  • Keep your antivirus and malware protection up-to-date
  • Keep your browser up-to-date
  • If you get a website warning, do not navigate to that website

Even with your best efforts, you may get infected. It can be scary and traumatic. Many victims cannot put their finger on how the infection occurred.  That is not surprising because these threats are designed to look authentic and have fooled even the most tech savvy.   So don’t feel ashamed, just get your backup to restore and make sure you have reviewed and updated your backup strategy.

Depending upon the type of infection, there may be effective methods to remove the malware. But you may decide to image (restore) or replace your computer or hard drive just to be sure. There are several factors to consider including the age of the computer, the installed operating system and the type of infection.


Additional reading:

Microsoft Blog on CryptoWall 3.0

Symantec CryptoWall page with statistics

Subliminal message – Backup your data!

About Mary

Mary is the CEO of LAN Systems. She is an electrical engineer who feels her greatest strength is the ability to connect with people. LAN Systems provides IT managed services and solutions to growing companies and non-profit organizations. You can contact Mary at mary@lansystems.com.

Speak Your Mind