06 November 2013

Extremely ugly Windows malware

A new piece of Windows malware has been in the news.  This one is pretty scary.

CryptoLocker arrives as a Trojan Horse--an executable disguised as something else, such as a PDF or picture file--that when opened silently encrypts your files using "military-grade" encryption that has been characterized as "infeasible" to decrypt without the key. Your stuff is still there, but unreadable. Permanently.

On completion of the encryption process, you will be presented with a _demands_ screen: Within some fairly limited amount of time, pay hundreds of dollars using any of several methods, or the key will be "destroyed". (Turns out that this "destruction" may not be without appeal, but the second chance is worth _thousands_ of dollars.) Pay up (an act as galling as it is expensive in a couple of ways), and the key will be returned and files decrypted. (Some report success, others report otherwise, apparently. The perpetrators are criminals, after all.)

For information, Google "cryptolocker", and read the Wikipedia article first.

A Windows user should do (at least these) three things:
1. Set your anti-virus on _kill_. (Make certain that it is engaged and that it is using the latest definitions.)
2. Back up to an external drive. Check the backup to see that its files are readable.
3. Be extremely vigilant about opening files that have been e-mailed to you. Open _nothing_ about which you can have the slightest doubt as to provenance. It is at this point that the infection occurs, and it does so silently. One is aware that one has troubles only when the damage has already been done.
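The third point is the one a small script can help with. The disguise described above is a Windows executable wearing a document or picture name; its contents still begin with the "MZ" header of every Windows program rather than the signature of the format it claims to be. The following is an added example, not code from the original post: it reads the leading bytes of a file, compares them with the extension in the file name, and also flags double extensions such as "invoice.pdf.exe", which Windows Explorer displays as "invoice.pdf" under its default "Hide extensions for known file types" setting. The file names and byte strings in `SAMPLE_FILES` are constructed for the demonstration.

```python
"""Check whether an e-mailed file is what its name claims to be.

Added example, not from the original post. It looks at the first bytes
of a file (its "magic number") and at the extension in its name, and
reports a disguised Windows executable or a mismatched document type.
"""
import os

# Leading-byte signatures of the formats a disguised executable usually
# imitates. These are the real magic numbers; the list is kept short.
MAGIC = {
    ".pdf": (b"%PDF-",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}

# Extensions that Windows runs as a program when double-clicked.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}


def inspect_attachment(name, head):
    """Return a list of human-readable findings for one file.

    `name` is the file name as shown to the user; `head` is the first
    few bytes of its contents. An empty list means nothing suspicious.
    """
    findings = []
    stem, ext = os.path.splitext(name.lower())
    inner_ext = os.path.splitext(stem)[1]

    # "photo.jpg.exe": an executable extension hidden behind a document one.
    if ext in EXECUTABLE_EXTS and inner_ext in MAGIC:
        findings.append(f"double extension: named like {inner_ext} but runs as {ext}")

    if head.startswith(b"MZ"):
        # DOS/PE header: this is a Windows executable whatever it is called.
        if ext not in EXECUTABLE_EXTS:
            findings.append(
                f"Windows executable (MZ header) disguised as '{ext or 'no extension'}'"
            )
    elif ext in MAGIC and not head.startswith(MAGIC[ext]):
        # Claims to be a known document/image type but lacks its signature.
        findings.append(f"contents do not match the {ext} signature")

    return findings


def scan_files(files):
    """Map each file name to its findings; `files` is {name: leading_bytes}."""
    return {name: inspect_attachment(name, head) for name, head in files.items()}


# Constructed sample inputs standing in for real attachments.
SAMPLE_FILES = {
    "report.pdf": b"%PDF-1.4\n%\xe2\xe3\xcf\xd3\n",
    "holiday.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF",
    "invoice.pdf.exe": b"MZ\x90\x00\x03\x00\x00\x00",
    "photo.jpg": b"MZ\x90\x00\x03\x00\x00\x00",
    "notes.png": b"not really a png",
}

if __name__ == "__main__":
    for fname, problems in scan_files(SAMPLE_FILES).items():
        status = "; ".join(problems) if problems else "ok"
        print(f"{fname:20s} {status}")
```

To use it on a real file, open it in binary mode and pass the first 16 or so bytes as `head`. The check is deliberately conservative: a file with an unfamiliar extension and no MZ header produces no finding, so a clean report is not proof of safety, only the absence of the two most common disguises.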

Power users have other tools, but they are arcane and _unlikely_.

Note that this exploit runs on "social engineering": getting the victim to participate by scamming him. The user is the line of defense; knowing what to expect and how to recognize the threat before it is put into play are key to staying safe.

There is one more way of staying out of harm's way, but I won't mention it because it can make a Macintosh user seem far too pleased with himself--and besides, his own safety may not be permanent.


Mark_