Discussion in 'Off Topic [BG]' started by yodedude2, Nov 8, 2013.
has anyone dealt with this yet? sounds nasty: http://www.snopes.com/computer/virus/cryptolocker.asp
One to keep an eye on. It's fairly new so hopefully the anti-virus and anti-malware companies nail it down sooner rather than later.
I've had a hard drive fail in the past so have long been in the habit of keeping a separate backup of irreplaceable files, but still, can't imagine many people doing that!
We got hit with it a few weeks ago. It completely locked up all Word, Excel, ACAD, and other files. (Oddly it left Access alone.) The scariest part was that we paid the ransom, and then had to completely drop our pants in order to let the criminals decrypt everything. The decryption seemed to work just fine, but for about a day, they had complete access to our servers as they decrypted them.
I have no idea if they did anything else while they were in there.
Yes, I had this on my computer a couple of weeks ago as well and successfully removed it since. NEVER EVER pay the ransom to these guys to remove it, get a pro or learn how to remove it yourself. Here's a thread I made a couple weeks ago warning people about it.
"When a user opens such a message, CryptoLocker installs itself on the user's system, scans the hard drive, and encrypts certain file types, such as images, documents and spreadsheets."
You have to run a file to get this virus to install on your system, do you not? You have to download something...You cannot get a virus by simply opening a message, can you? Even if it is HTML? Would you have to set all your emails to open in text format only to be sure?
I'm not sure what you're quoting but the quote you quoted says nothing about having to run/download anything to get CryptoLocker. Anyways, the answer to your question is no, you can simply get this by opening sketchy websites, like I did.
I don't believe that's true. Usually anything like that needs permission to write to your drive, perhaps download manually, or clicking a button giving permission for it to do so.
Yes. This, among many thousands of other reasons, is why you need to make regular backups to a hard drive that you then keep offline after the backup is made. That way if some of these files get encrypted, you can clean your machine of the infection and restore files from your backup.
Online backups are good, but should be used in conjunction with offline backups, as infected files could be backed up to the internet-hosted backup service as well.
this seems like very good advice.
my human memory must have a virus. i remember that thread now. sorry for the repeat y'all.
I don't think opening the e-mail message is enough to get the virus. You have to take the additional step of clicking on a link.
These things have been going around for a while now, usually under the guise of a malware/spamware program.
Don't invite the vampire into your house and he can't enter. Click with care.
That was a fake version of it, or you were lucky not to have any files it wanted to encrypt. Removing the infection is easy; anything it encrypts is lost unless you pay the ransom.
Some copy-cats show an identical screen to try and scam you but don't actually encrypt anything.
Not only do you want to follow some of the great advice already listed, but I would add to make sure your operating system and all third party applications are up to date with patches from the vendor.
Drive-by malware is also out there floating around. You don't need to click on or install anything to be infected. Your computer becomes infected just by visiting a compromised website that then injects malware onto your system via an unpatched vulnerability in your OS or another third party app. The website can be completely legitimate, but if hackers have compromised just one section of the site, you risk infection.
For this reason, I would also suggest making sure you are using a secure browser when surfing the internet. That will be your first line of defense from these attacks.
Yeah I think you can only get the real one by giving it permission. On the other hand, you can definitely get the fake one (like I did) by opening sketchy websites.