FYI: CryptoLocker virus

By | November 15, 2013

CryptoLocker is a new virus that affects Windows PCs – if you get infected, a screen pops up telling you that your stored documents and images have been encrypted, and if you don’t pay $300 within 72 hours, the key required to decrypt your files will be destroyed and you’ll be out of luck.  There have been other ‘ScareWare’ viruses that popped up windows like this in the past, but this one actually does what it says.

Our spam filters do a very good job of blocking email that contains viruses, but since the bad guys are clever, it’s always possible for malicious email to get through until the spam filters figure out the new technique, and you could be exposed.  Also, if you have multiple PCs on your LAN, this virus can jump from an infected PC to the others over the ethernet or WiFi link, so you can be exposed that way as well.

Here’s the US-CERT announcement:    http://www.us-cert.gov/ncas/alerts/TA13-309A  Read this and follow their advice in the “Prevention” section of the writeup.

Other writeups on CryptoLocker: