2014 – The Year of CryptoLocker

The latest ransomware is called CryptoLocker, and it is perhaps the most damaging piece of malware yet created. CryptoLocker infects a computer, quietly encrypts its most precious files (documents, spreadsheets, photos) with a key that never leaves the attackers' servers, and demands a ransom for that key. Like its predecessors, spyware, rogue antivirus software, and the DOJ/FBI lock-screen viruses, CryptoLocker's motivation is financial. Unlike its predecessors, once CryptoLocker has run, no security software can undo the harm: the program itself can be removed, but without the attackers' key the files stay encrypted. This should give us all major pause and force us to rethink 1) how we protect our computers and 2) how we back up our data.

In the last two weeks, there have been two new revelations about CryptoLocker. 1) When CryptoLocker infects, it sets a 72-hour deadline to pay a ransom of roughly $300. If you do not pay within the 72 hours, the price escalates to roughly $3,000. 2) It is possible to remove CryptoLocker with security software, but this is ironically counterproductive: once the program is gone, the payment screen is gone with it, and your files are still encrypted. To solve this problem for their victims, the CryptoLocker operators set up a web-based "decryption service", in effect a customer service department, to help victims pay the ransom.

The group behind CryptoLocker is rolling in cash, and it is building out the infrastructure of a real enterprise.

CryptoLocker's installers are repacked constantly, so every new copy looks different and escapes the signature-based detection of almost every security product (hence the label "polymorphic"). A whitelist, which allows only known-good programs to run and blocks everything else by default, is the one approach that does not depend on recognizing the malware first; PC Matic applies a whitelist in real time and so blocks CryptoLocker, and other polymorphic viruses, proactively. That said, PC Matic is a small security player and will do little to impede CryptoLocker's trajectory.

So what’s in store?

CryptoLocker will become a household name.

The security industry as a whole adapts glacially to new threats such as CryptoLocker. Polymorphic viruses are nothing new; the first appeared in 1990. The difference with CryptoLocker is its level of destruction and the fact that it escapes remediation. In one year's time, CryptoLocker will be a household name, with a profit and loss statement that would make Wall Street drool.

CryptoLocker will become more sophisticated.

There is a workaround that blocks the current strain of CryptoLocker: Windows can be configured, through Software Restriction Policies or AppLocker, to refuse to run executables from the user-writable directories the malware installs itself into (notably %AppData% and %LocalAppData%). The problem is that few people will adopt this measure, and if they did, CryptoLocker's authors could easily move execution to a different directory. To be clear, CryptoLocker is run as an online operation with its own servers, and it adapts quickly to changes in its environment.

Today, CryptoLocker encrypts most common file types: Excel and Word documents, photos, movies and so on. I have learned that it does not encrypt QuickBooks files. I am sure this is a minor oversight on CryptoLocker's part, and future revisions will target an ever growing list of file extensions.

In its drive for market domination, CryptoLocker will target Apple's Macs. Apple users have lived for decades under the false notion that Macs are somehow immune; that bubble will be popped as CryptoLocker continues to wreak havoc throughout 2014.

External hard drive sales will grow.

Two years ago, online backup was the hot topic, and certainly the rave of the investment community. Unfortunately, many online backup services are little help against CryptoLocker: they synchronize the local folder to the remote server, so the encrypted files overwrite the good copies, and on the lower pricing tiers older versions of each file are not kept, so the originals are lost. Only a service that retains prior versions lets you roll back to the clean copy.

The best protection is a backup made to an external drive that is disconnected from the computer as soon as the backup completes. CryptoLocker encrypts files on every drive it can reach, including attached drives and mapped network shares, so a backup drive that stays plugged in is encrypted along with everything else.
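A worked example of the offline, versioned backup this section recommends, added here and not part of the original post: it keeps every backup as a separate dated snapshot (so a later run never overwrites the clean copy) and refuses to run when the files it is about to copy already look encrypted, which is exactly the failure mode a sync-style backup silently propagates. The snapshot layout, the header-byte table and the entropy threshold are this example's own assumptions; the "looks encrypted" check is a heuristic (a file whose header no longer matches its extension, or whose bytes are near-random), not a CryptoLocker detector.

```python
"""Versioned backup with a pre-flight "does this still look like my data" check.

Added example; not code from the original post. Assumptions (not in the post):
the snapshot layout, the MAGIC table and the entropy threshold are this example's
own choices. The check is a heuristic: ransomware ciphertext has near-uniform bytes
and no recognisable header, so a .pdf that no longer starts with %PDF, or a file
of unknown type whose bytes are almost random, is treated as suspicious.
"""
import math
import os
import shutil
import tempfile
import time
from pathlib import Path

# Header bytes for a few of the file types the post says CryptoLocker targets (constructed table).
MAGIC = {
    ".docx": b"PK\x03\x04", ".xlsx": b"PK\x03\x04", ".pptx": b"PK\x03\x04",
    ".doc": b"\xd0\xcf\x11\xe0", ".xls": b"\xd0\xcf\x11\xe0",
    ".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n", ".pdf": b"%PDF",
}
ENTROPY_LIMIT = 7.5   # bits per byte; text and most office data sit well below this
HEAD = 4096           # bytes inspected per file


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of `data` (0.0 for empty or single-valued input, 8.0 for uniform)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def looks_encrypted(path: Path) -> bool:
    """True if the header contradicts the extension, or (unknown type) the bytes look random."""
    with path.open("rb") as f:
        head = f.read(HEAD)
    magic = MAGIC.get(path.suffix.lower())
    if magic is not None:
        return not head.startswith(magic)
    return shannon_entropy(head) > ENTROPY_LIMIT


def snapshot_backup(src: Path, dest_root: Path, max_suspicious: int = 0) -> Path:
    """Copy `src` into a new dated snapshot under `dest_root` and return its path.

    Earlier snapshots are never modified, so the last clean copy survives a later
    run; a sync/mirror backup would replace it with ciphertext. If more than
    `max_suspicious` files fail looks_encrypted(), nothing is copied and the
    caller is told which files to look at.
    """
    files = [p for p in src.rglob("*") if p.is_file()]
    suspicious = [p.relative_to(src) for p in files if looks_encrypted(p)]
    if len(suspicious) > max_suspicious:
        names = ", ".join(str(p) for p in suspicious[:5])
        raise RuntimeError(f"refusing to back up {src}: {len(suspicious)} file(s) look encrypted: {names}")
    stamp = time.strftime("%Y%m%d-%H%M%S")
    snap, n = dest_root / stamp, 1
    while snap.exists():              # two runs in the same second still get distinct snapshots
        snap, n = dest_root / f"{stamp}-{n}", n + 1
    shutil.copytree(src, snap)
    return snap


def demo() -> dict:
    """Constructed scenario: back up a clean data folder, then 'encrypt' it the way
    CryptoLocker would (every file replaced in place by random bytes) and show that the
    second backup is refused while the first snapshot is untouched."""
    with tempfile.TemporaryDirectory() as tmp:
        data, backups = Path(tmp) / "data", Path(tmp) / "backups"
        data.mkdir()
        (data / "notes.txt").write_text("quarterly numbers, plain text\n" * 100)
        (data / "photo.jpg").write_bytes(b"\xff\xd8\xff\xe0" + os.urandom(2000))  # valid header, noisy body
        (data / "report.pdf").write_bytes(b"%PDF-1.4\n" + b"hello world " * 200)
        first = snapshot_backup(data, backups)

        for p in data.iterdir():                      # simulate in-place encryption of the live data
            p.write_bytes(os.urandom(p.stat().st_size))

        refused = False
        try:
            snapshot_backup(data, backups)
        except RuntimeError:
            refused = True
        return {
            "first_snapshot_files": sorted(p.name for p in first.iterdir()),
            "refused_second": refused,
            "clean_copy_intact": (first / "report.pdf").read_bytes().startswith(b"%PDF"),
            "snapshots": len(list(backups.iterdir())),
        }


if __name__ == "__main__":
    print(demo())
```

Run it against the data folder and a freshly attached external drive, then unplug the drive; the refusal is the whole point, because the one thing worse than no backup is a backup run that replaces the last clean snapshot with ciphertext. Legitimate high-entropy files of unknown type (compressed archives, encrypted containers) will trip the entropy check, which is what `max_suspicious` is for; the header check for known types has no such false positives.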


Prior to CryptoLocker, we had the DOJ/FBI virus. Like CryptoLocker, DOJ/FBI is a polymorphic virus that escapes detection by virtually every security product. The difference is that DOJ/FBI only locked the screen: it was not difficult to remove it without paying the ransom, and once it was gone, no harm remained.

2014 will be a banner year for the external hard drive companies, and of course for CryptoLocker.


139 thoughts on “2014 – The Year of CryptoLocker”

  1. PCmatic is the only tool that can prevent it? How interesting, maybe the feds should be following the PCmatic guys around.

    People who let themselves be blackmailed are the real problem. If nobody was such a wuss as to pay the ransom, the business of ransomware would fail.

    1. Thanks for the comment. Yes, PC Matic is the only real time protection that employs a white list that stops polymorphic viruses.

  3. Wijnand Boetekees

    Is it possible for PC Matic to offer the ability to proactively block CryptoLocker and other polymorphic viruses to other program makers to prevent a global catastrophe?

    If PC Matic is a small player, they would make a big name for themselves by doing so.

  4. Steven R. Roy Sr. Steven – why don't you stop with your snide comments that do nothing but ridicule a perfectly legitimate post and poster? Those who do such are the ones who have nothing to offer.

  5. Craig B. Smith Yes Craig, I have seen another part of the world. My wife and I are in our 70s and have lived in the Dominican Republic for 4 years. We pay $1,400 a year in dollars. My wife just had surgery for a burst appendix. 8 days in hospital. Total co-pay $276 US. Excellent surgeons and excellent care. Private room with flat screen TV, phone, private bath and shower (huge), and another bed in case I wanted to spend the night. Had insurance in US (Fed. Blue Cross and Blue Shield) total cost per year $7,500. Had back surgery 6 months before we moved. Co-pay $5,000. Yes, I've seen another part of the world and love it even more as I watch the health care crumble under Obamacare. Oh, and by the way, 4 of the six doctors that were involved in my surgery said that if Obamacare goes into effect, they would definitely retire. Sooo….my friend, GOOD LUCK FINDING A DR. YES, YOU WILL HAVE HEALTH INSURANCE, BUT YOU WILL DEFINITELY NOT HAVE HEALTH CARE.

  6. Why is it so hard to get facts right? Polymorphic viruses have been around a lot longer than half a decade. They have been around since the days of MSDOS 5. First one was written in 1990 called “1260”.

  7. I have just attended a PC that was infected running Windows 7. After removing the trojan and remnants in the registry, I discovered the backup files on the internal slave drive were intact. So I did a system restore and now all is well.

  8. Steph Thomas Don't get me wrong. I don't trust ANYTHING this government does. But the question remains, what's in it for them to allow a bunch of Russian criminals to siphon away our money to THEM and not our own crooks, and cause unnecessary disruption in the process?
    If the government wants our money, they just tax us some more without locking up our computers, and with no Russian middlemen involved.

  9. Jeff Walters This whole thing seems to be a money-making scheme as far as I can tell. With no real evidence to the contrary, I find it hard to believe the government itself is behind this. This doesn't look like a government-led false flag operation to me.
    They already have the ability to quietly control the Internet, as shown by what George W Bush did and what President Obama seems to be doing, so why would they be behind a devastating scam like this?
    Their apparent unwillingness to USE that power to compel the ISPs and banks to trace these transactions is my concern.

  10. Israel people! Just wait and see. But we wouldn't do anything to move against our ssssspeeeecial "friend." Hell, the Feds have to send the Israelis caught spying in the U.S. back to Israel.

  11. This type of article is meant to attract sales, not to show you how to prevent infection. So as a computer tech/system builder/system repairer, I'll tell you that avoiding infection isn't always possible, and no anti-malware/anti-spyware application can guarantee to clean an infected PC completely (regardless of what they claim). Active protection (such as Malwarebytes Pro includes) helps to prevent malware from installing. Free versions of anti-malware (such as Malwarebytes Free Edition) only try to remove malware that is already there. Active protection is well worth the price. But I can't stress enough that nothing is foolproof for prevention.

    While you can't always prevent malware, you can guarantee that you can recover from it easily. It's how you backup your PC.

    Even computer techs don't always agree about the best backup methods, but this is what I do and recommend to my customers:
    My PC has 2 partitions, C: for the operating system, installed programs, and settings, and D: is for data only. I backup my operating system to 2 different external hard drives with a full image backup. I rarely update the first image, and constantly update the 2nd. I prefer full image backups rather than incremental or differential (user preference, because it uses less storage space).
    I manually copy/paste my data folder to 2 different external drives. I delete older backups just prior to backing up so that space on my external drives doesn't become a problem.

    Here's some tips:
    1) You should have your data backed up to AT LEAST 2 places (I use only external hard drives, not enclosed, via eSATA connections, but that's my preference).
    2) Your backup drives should ONLY be connected when backing up, or you risk losing the data on them as well.
    3) Never backup an infected PC, it's too late once infected. Most malware will place files into your data randomly, where they wait for you to click again and reinstall.
    4) If you have heaps of data, you'll need 2 different backup methods as an image will be too large for all your data as well as the operating system. That means you'll need 4 backup locations/media, 2 for the image of your operating system, and 2 for the data. I prefer to copy/paste data rather than use software, but again that is user preference.
    5) If you don't have lots of data, only the image backup is necessary, but you should have it backed up TWICE, to 2 different locations or hard drives.
    6) All data should go to a single folder, where it can be easily broken up to sub folders of your choice.
    7) DO NOT rely upon Microsoft's libraries to sort your data for you (worst invention ever by MS). Manually point every download to your preferred downloads folder, and always use "save as" rather than "save". Point "save as" to the folder of your choice, within (for example) D:\My Documents folder and whatever subfolders you prefer.

    The image backup: An image backup takes a picture of your entire drive partition. It backs up all of your programs, data, settings, and operating system for a partition (always C: by default). (If your system is infected, your image will be infected as well.) Ideally, PCs are formatted with 2 partitions, one for the operating system and one for the data (I like to move the My Documents folder to the data drive and use only that for data – that way I can simply copy/paste the My Documents folder to a backup drive). Typically these partitions will show as C: and D: (although the data drive may be different and can be changed at any time to a different drive letter). When buying a new system, you can ask to have a data partition created, if the default is to put everything on a single C: partition.

    If you've ever had to wipe/format your hard drive and start from scratch, you'll understand the value of reloading an image instead of having to search for software, keys, settings, etc.. It literally takes minutes to reload an image, and can take months to manually put everything back the way you want it.

    The first image backup is done once you're setup and happy with the layout of your PC. It should ONLY be done and ONLY updated or replaced when you're sure that your system is malware free. The 2nd image backup should happen every time you put something valuable on your PC, and also when you're confident that your PC is malware free. Usually a monthly incremental, differential, or full backup is all that is necessary.

    With the prices of external hard drives, there's no good reason to not have a decent backup system. People need to change the way they think about their computers, and associated costs. A PC without a good backup system is playing Russian roulette with your data. Pay for an affordable backup solution now, or pay someone like me much more to attempt to recover your precious data later.

    Hope this helps someone. 🙂

    1. @David Wendorf:
      Great comments! What recommendations do you have for full image backups? I’ve used and recommended Cobian for years, but I’m always on the lookout for something better.


  12. CryptoLocker is for real everyone. Payment is made to them in BITCOINS not in cash or credit card. So you have to buy BITCOINS by cell phone. Bitcoin then in turn must pay the CryptoLocker crooks. I think if you put two and two together you work out that somehow BITCOINS are a part of this virtual terrorism !!!
    I was infected yesterday and tried to pay the ransom but was met by a warning on BITCOINS site that they had run out of coins for the day !!! This is an indication of how many people bought these coins to pay the ransom !!
    I cannot believe that these companies cannot be shut down !!! Something must be able to be done before they hold the world to ransom !!!!!

  13. Why not just pay the ransom with a PHONEY credit card number? By the time someone out of the USA discovered it’s false, you’re back up and running with a different e-mail account. Foreign CC transactions take 5-6 hours to be processed, just because of this kind of nonsense. How do I know? My boss at my part-time job is a Vice-President in charge of Loan Collections of the largest bank in the Southwest. He’s why they DIDN’T need any TARP money.

  14. Jim Smith The Government may "be" the perpetrators. What better way to shut down the internet and blame it on someone else. Obama and his cronies would certainly gain a lot from the disruption of communications among us right wing Tea Party types. Most of the big opposition events are organized through social media.

  15. Csh Threenorns- How fantastic for you! 7 billion people on earth & any single one of them can walk into any hospital emergency room in the United States at any time & get treated. What happens in Canada? If you don't have Canadian healthcare, you won't be seen. It literally has to be a matter of life or death for a non citizen to get treatment in Canada. I was refused medical attention in 2001 & 2004. My 2004 visit was due to having a metal splinter in my eye; they weren't very concerned. I don't care what you think or what you say; I know your healthcare system from a foreigner's point of view & it's not pretty. Though it was fairly cheap to see a personal physician. Do you know that the United States has 300 million citizens & 20 million illegal immigrants? Tens of millions of unpaid ER visits every year. We have more illegal immigrants than you have citizens. If you want to favorably compare Canada to the US in anything, you better be talking about ice hockey & nothing else.

  16. And these financial transactions to pay the ransom would be digital payments… so they shouldn't be too difficult for law enforcement agencies to track to the destination bank account… identity of criminals found – company shut down, surely?

  17. these terrorists are hijacking our family photos and ransoming our bank accounts. it will blowup in their face. it will poison the citizen's household economy. see that. now we have the federal government's attention just by typing a few key words. won't be long now before they come asking for my help after a few months of surveillance. just kidding. my solution is to try to have a new hard-drive configured and ready to go with operating system and hardware drivers standing by and not connected to the computer. obviously backing up data daily to external hard drive which remains unplugged til the nightly backup. [wonder if a company that sells backup media is behind this buggery] it would boost the economy on both ends, sales to individuals and the extorting companies purchases and remittances after the blackmail. haha excellent government economic conspiracy…. same as a gun ban rumor stimulates the economy. LOL

  18. The U.S. has enough problems with just getting a healthcare web site up and running, I'm sure CryptoLocker would be too much on the plate!

  19. Out of curiosity I checked McAfee's database of viruses. Nada, it's obvious how they are handling it. The same way Apple handled malware not so long ago. Deny it exists, make no reference to it. It will go away.

  20. Csh Threenorns "we get a helluva lot more back from the government than you do."

    I bet you do!! 🙂 And minimum wage is not even in the argument. However median income would be and the US is certainly higher. Obama gives it all back below $30K. Your income tax rates are some of the highest in the world.

    In the US. wage earners below $30K are in a net zero tax bracket so they get it all back. The average income tax refund in Canada is approximately half what a US wage earner gets back.

    The argument is over. No need in arguing when you have the same disease that Obama does. The inability to be truthful.

  21. Heather Artrip Rauscher

    It is real. I have been infected with it. The only thing that saved me was I did a backup the night before.

  22. Heather Artrip Rauscher

    We were infected at work with this & luckily I had done a back up the night before. It is coming from Russia from what my computer guy could find. Scary!

  23. The one thing that needs to be addressed is how this gets into your system. I have read repeatedly that it comes in the form of a pdf file disguised as a zip file. I mean you have to execute and run the file to get it on your system, right??

  24. Steven R. Roy Sr. point being, when it's not being run for profit, it's a system that apparently is working well.

  25. Steven R. Roy Sr.

    please stop with the facts and obvious answers. your remarks add nothing to the discussion except truth and logic. in the future please try to refrain from sidetracking this brilliant article and all the chicken littles from crying "the sky is falling!!!" hahaha

  26. Steven R. Roy Sr.

    Russell Oz "free" "regardless of price" so the dr's and nurses work for nothing??? i wonder how they provide for their families… what you like is called socialism.

  27. First, backing up to an external HD will protect you, as long as you run your backup and then keep the drive unplugged from your PC when not in use.

    Second, and this is directed at Micah Nudell, how about you share this backdoor your super savvy wife found. You'd be doing everyone one huge favor. 🙂

  28. Willie Bell you're forgetting something: our taxes are higher than yours, but so is our minimum wage and we get a helluva lot more back from the government than you do.

  29. One of our computers got hit with this. Tried to go through their tech support, not knowing that it's all the same damn company. They wanted to charge me $69.95 to come into my computer and remove it themselves. I have to find the document, but I copied the convo. My wife is VERY computer savvy and was able to go through and find the backdoor and remove the virus. No problems since!

  30. Csh Threenorns
    You might want to tack these tax rates on to your health care costs. Oh yea! You're paying or "somebody" is, out their ass, for that actual cost over $45..
    Typical Canadian tax rate below. U. S. even under the tyrant Obama is 1/3 lower than your highway robbing government. Of course, I'm going to hate to see ours after full implementation of his socialist agenda. But that's another story.

    Typical Canadian personal income tax rates, local and fed.
    Taxable income Rate
    $41,095 or less 16% + 15% federal
    More than $41,095 but not more than $82,190 20% + 22% federal
    More than $82,190 But not more than $100,000 24% + 26% federal
    More than $100,000 25.75% + 29% federal

    That cost is somewhere or you'd be seeing witch Dr's.

  31. Michael Kenward The story and its facts are all quite true. The money can't be traced because it uses a method that's like Bearer Bonds and has no 'account' assigned. Matt Gierczak, if you think it's so simple to track them down, please do so! There are only about 30,000 people involved in this scam and its variations, so it shouldn't take you long.

  32. Sounds like a commercial for PC Matic. Can they just follow the money trail to these guys? They even give you a customer service department.

  33. If the ransom is $300.00 to start then I wouldn't bother paying the aholes. Cyber terrorists should not be rewarded. Instead just spring an extra $100.00 and buy a whole new pc or replace your hard drive. If no one pays the ransom they will have no choice but to go away. F#$% Em!

    1. @Mike: I guess you don’t get it.

      If all your personal files – pictures and documents – are encrypted, you just lost your entire digital life. You can’t rely on backup drives, attached or network or Dropbox, because cryptolocker finds them like all other drives and encrypts them, too.

      The only kind of backup that would survive this are the kind of cloud backup that keeps backups of your previous backups, so that you can recover what you had.

  34. Christopher Ryan Gehlke

    they are made in other countries, laws are different. Just make sure you have a backup of your files, and don't leave your backup media connected when you are not backing up…

  35. What a sweet set-up it would be if the CryptoLocker folks also sold external hard drives for backups. Does that about cover the bases for income streams?

  36. This is one case where I would allow a death squad to pay them a little visit. Clear out the entire building. If you're involved in any way… byebye. I personally volunteer to join the raid. Give me guns, ammo, explosive, and a ride to their location…..I'll handle the rest.

    1. @Matthew Pietrzak: Death squad ??? I don’t think that would get it. I mean, unless, of course, a Death Squad camera crew gets to film all the action. Short of THAT, I’m all for bringin’ back public executions on the town square. HANG ‘EM HIGH !
      Bill doth not jest.

  37. Since when is a tech site a health care site? Anyway, in terms of coverage, Australia has the US beat; the only time the Medicare system in Aus was in trouble was when the conservatives put the AMA up against the wall and tried to do what the conservatives did elsewhere ideologically. And, as for Cryptolocker: yes it is bad, but there are things you can do, just research it… for example, using Shadow copy/backup you can save most of your files, and if you don't click on stupid spam files, then you reduce your risk again, not 100% but there are things to do. If you have NSA software on your software with a back-door, then you are in trouble.

  38. The bigger story is that these criminals can setup customer service centers to funnel illegally obtained cash – and governments allow it to continue. Following the money is so simple if they really cared about protecting us. My system is backed up with an image backup system, so I couldn't care less if I get malware. It takes all of 30 minutes to put everything back.

  39. Russell Oz I call BS. I also live in Australia (12 years) with no private health cover. I waited 3 years to see a specialist about ankle pain, and 3 years to see a specialist about back pain. I've been waiting 2 years to get into the only pain clinic in South Australia. I also paid for every doctor visit ($35-$55 after medicare), unless it was bulk billed for the same problem. It's well known that the Ozzie population will soon put the health care system into a crisis with an aging population – not enough young people to support the old. Australia also cycles doctors (General Practitioners) to different locations every 3 years, meaning we have to start over with someone new constantly. I lived in the USA for 40 years and as long as I was working, their system is vastly superior to anything the commonwealth offers. I paid $5 per visit with HMO insurance which my employer paid for, and never waited more than a couple weeks to see doctors or specialists. I had one hospital stay in each country and neither cost me a thing. I love Australia, but don't overstate the health care benefits. The USA is crazy to change to government sponsored health care.

  40. Deborah M Hollingsworth

    Jim Smith – This is probably just another con of our own government and the money goes to them. It is not unlike how our government takes our money now is it?….

  41. Craig B. Smith btw? canada here. hey – how's it going: hubbie. heart attack. two ambulance rides on life support, the second to a hospital an hour and a half away with a doctor, nurse, and third paramedic in the back with him. 3-1/2hrs from emergency to recovering from surgery in ICU. three days in ICU with a room full of the latest technology equipment. 2 days in telemetry. two subsequent admissions, one for fluid buildup because his blood pressure was too low thanks to the beta-blockers, one for serious internal haemorrhaging from the blood thinners.

    cost for all the treatment? $45 for the ambulance.

  42. Craig B. Smith how else to explain that the US spends a crap-ton more on health care that doesn't actually provide health care to anybody?

  43. Craig B. Smith You are a nutjob who has never left the USA. I have no health insurance, I live in Australia, and I visit my Dr free, and I get ALL my prescriptions regardless of price elsewhere, for $5.90 each.

  44. All they have to do is modify the payload code to not demand the ransom until your data has been encrypted for x amount of days. Processors are fast enough now that you can encrypt and decrypt on the fly (as long as you have the key of course) so the program could lie dormant for 30 days then lock you down – any backup that you've made in that time has the encrypted containers in the image. That is why this is so problematic is the encryption. It will get transferred over into your backups and you have no idea that it has happened.

    Unless you have so much hard drive space that's available to you that you can keep multiple images, you're completely vulnerable to this attack.

  45. I have a question. If a person has to pay a ransom why is the justice system unable to trace the data once it is sent as payment? I'm not computer savvy so, please, talk in plain English(consider me an idiot). I would really appreciate any help given so that I may understand why it is so hard to catch the people behind this. Thank you.

  46. Kirsten Sellards McAdam

    Someone commented that this article seemed "bogus". If it's bogus, then media the world over has jumped on the bandwagon. In addition – and to my great embarrassment – a Boston-area Police Department ended up infected with this malware. They paid the ransom. What the above article DOESN'T mention are the steps that can be taken to avoid this; the same steps we should be taking as a matter of course to avoid ANY malware and phishing: don't click on links from unknown sources, don't download questionable files. If you know and trust the source, still VERIFY! This heinous crap doesn't just appear on random systems. The USER is allowing them access by downloading questionable files or following unverified links. Relying solely on anti-virus and firewall programs is akin to relying on automobile airbags while driving recklessly or under the influence. Yes, we should employ strong, reputable software as an added layer of protection, but remember WE are the bottom line defense. We need to behave intelligently while online.

    1. @Kirsten Sellards McAdam:

      For a second I thought it was April 1. It’s bizarre. Maybe world governments are putting out these reports to discourage the use of Bitcoin. They like to keep up a level of anxiety among the plebs as a matter of course. Except where the economy is concerned. Don’t worry your little heads about that, we have it all under control. Just worry about viruses and terrists!

    1. @Dale Wilson: This is a form of "ransomware" where you must pay a fee to activate the program. Users report that the Spyhunter download can then not be removed and continuously shows popups on your machine. It's malware.

  47. Craig – It's better in Australia, for example. Travel insurance here for travel to the US is actually more expensive than it is to supposed 'third world' places like Nepal, India and Thailand, the insurance companies recognising the pathetic healthcare situation in the US. A National Disability Insurance Scheme has also been introduced recently with overwhelming acceptance, in contrast to the hysteria we've been hearing from the US of A about Obamacare.

  48. Peter Marszal try the UK – if you are fortunate enough to have cash when you get seriously ill, you may live. Otherwise, you're cooked. Obamacare is about power, not healthcare!

  49. How does it determine which files are "precious" and which aren't? Best practice, NEVER leave anything on a computer that is 'precious' and would cause harm if the computer is stolen or hacked. Why is this not done more often? It's like leaving a zippered purse on a car seat- it's closed, but not secure.

  50. This is extortion and it is a crime under the law in the US and most of the civilized world. It's obviously the time for the authorities to address this problem with the necessary resources to put an end to this crime. I believe there is a dollar value to every crime and the penalties should follow a scale. When the damage of the crime goes over a million dollars you should be looking at some scary time behind bars. Then let some cyber bounty hunters cash in on a very fat bounty and let the market squeeze these guys.

  51. I think this is a well exaggerated tale. The article contains a couple of typos but other than that doesn't it seem off that it says their product is the only one that can stop it. How much does PC Matic cost again? Isn't PC Matic one of those programs that offers a free scan and then holds the results ransom until you purchase. I don't see a difference here.

  52. Tom Clahane I suppose you mean the government "stopping the perps". Unfortunately, this government either can't or won't bother. Probably won't. Their mandate to 'protect the public' is just talk.
    This is a government who can easily track the movements and activities of almost anyone in the country but can't/won't stop a mere annoyance like spam. They can track transactions of its citizens so why not track where a lot of this money GOES?

    Forget the government. It's useless. But I'll bet if sufficient pressure was put on the ISPs that handle ALL of our Internet use to see where all this loot goes, they could and would. I don't care if it's Bitcoins or credit card numbers, I'm sure the ISPs, along with the banks could find out where the money goes.

  53. The CryptoLocker worm is generally spread via drive-by downloads or as an attachment to phony e-mails disguised as legitimate messages from various business, such as fake FedEx and UPS tracking notifications. When a user opens such a message, CryptoLocker installs itself on the user’s system, scans the hard drive, and encrypts certain file types, such as images, documents and spreadsheets. CryptoLocker then launches a window displaying a demand for ransom (to be paid in less-traceable forms such as Bitcoins and Green Dot Moneypaks) and a countdown timer showing the date and time before which the user must submit payment in order to obtain the decryption key before it is destroyed: Back up your important data and do NOT pay.

    Read more at http://www.snopes.com/computer/virus/cryptolocker.asp#chi1IgLuA3QQyboE.99

  54. Denis DellaLoggia

    It seems to me that nowadays most people have a backup image on a separate drive or machine altogether. If my PC gets infected, I'll just reformat my drive and re-image back to my infected machine. No biggie, if you keep your PCs imaged to another. And how many lame people still only have one PC and not a network?

    1. @Denis DellaLoggia:

      Poor people do, Denis, this doesn’t make them lame. You are talking about people who barely scratched up enough to buy a PC, just so they can have a window to the world! I work with enough of them to know. Ignorance is bliss. Nice boast about your imaged drive… do you polish it too?

    2. @Denis DellaLoggia: Denis, this is a rather naive statement. Not everyone is old enough to be responsible about their computers, or young enough to understand them. The world is full of people who aren’t exactly like Denis.

  55. So… If you pay the money, what’s stopping them from not sending you anything in return? Are they afraid you’re going to report them to the Better Business Bureau?

  56. The world is at its mercy – Cryptolocker RULES because of American / world stupidity and lack of action – which is almost as bad as 911 was – when we pretended we didn’t know how to react to 4 different airlines changing course and NORAD and SAC and etc did NOT react and the VP scrambled jets to the wrong location – lots of ignorant ca ca going on in this gov’t and IT world – all at the MERCY of any bad guys who want to step up to the plate – we’re just stupid babes in the woods…sending $$$$$ to the mideast – who wants our money? doesn’t matter if you don’t speak English – we’re very generous BUT we are broke; no problem we’ll borrow just for the good of the world – WE ARE THE WORLD music is playing….anyone want to join me in a vomit session? BAD guys rule – Man is evil

  57. So it's a company with a centralized location for everyone to pay their ransoms? Doesn't that mean it's a company with a centralized location for all of its members, employees, staff etc, to be picked up by the FBI in one raid?

  58. Well, so much for the wonderfulness of the internet. No privacy, theft to a degree never before seen, we are all sitting ducks out here. Oh yeah, you can always just see movies, play games, but don't do any shopping, banking, or they will getcha!

  59. Dealing with Interpol’s Internet Crimes Division, I and they nearly caught some sly Nigerian ‘over-payers’ looking for my deposit of fake money orders to pay for pups I ran in my local paper. It was exciting to see the largest Post Office in the state ‘snap-to’ and see a couple of van loads go down in Great Britain. I hoped my demons were on those transits. The persistent buggers were back in a year trying through some weird TTY-style calls where you have an intermediary typing each party’s responses to each other. Non-existent addresses they wanted me to ship a dog to for a humongous fee! I was supposed to get it after I airmailed the pup. NOT ME!

  60. are you on crack, or what…"while the rest of the world is wondering…pathetic health-care system." i hope you have the super DNA to avoid any ill health in your life. have you ever been/or seen any of the "rest of the world" ?????

  61. This has baffled me for some time. It doesn't work like that, it seems.

    Can't the banks track the trail of cash that leaves my account? No, I forgot, they are too busy bundling American mortgages into opaque investment packages that can bring the global economy to its knees.

  62. We need to ask why the NSA is scanning everyone except crooks such as this CryptoLocker bunch. Why is the government right on top of helping the RIAA to find anyone illegally downloading movies etc., and yet this corruption is not even in the news or being mentioned by our leadership in Congress? Didn’t our president ask for an internet kill switch? (Now they want a smart phone kill switch.) Well, use it on CryptoLocker. This is no different than Norton running a scam on all of their users to release their records. This could be a supposedly legit business hiding behind the facade of crooks to promote antivirus ware or malware. I have often wondered if antivirus companies could be making some of these viruses to keep themselves in business. It is a big business, you know.

    1. They don’t take credit cards or accept cash, checks or money orders. They only accept bitcoins, which are untraceable, Matt.

  63. I keep my files in a different location – a partition – and I wonder if this is any kind of deterrent. Looking forward to any comments… Thanks

    1. @Harris:
      A different drive or a different partition, except maybe for very special partitions created by some backup software, is no protection if it is accessible at run-time.

  64. Already a victim of this horrible thing. Had some excellent IT guys out to my business working on it, and we finally just had to buy a new hard drive. No other choice….will NOT pay them their ‘ransom’.

    1. @John Hetland: The truth is, many operate completely out in the open in the countries they are based in. In most of these countries (mostly Russia and other former Soviet states), unless they are arrested by local authorities, nothing will happen. Because they have switched to Bitcoin for their transactions, the money is untraceable.

      1. Nothing is untraceable in this country! Witness the NSA and its surveillance of our own citizens in addition to possibly every country (friend or foe (Germany)), Bitcoin included. Wake up America!

      2. @PCRescue: It is traceable. How, you might ask? The blockchain stores all the info on what happens on a certain address, on any address for that matter, so you find the BTC address that you have to send it to, trace any and all transactions leading to that one and follow the trail, as sooner or later that trail will lead to a well-used address, say one from MtGox or anything else like that, and then you've got them, or at least your first lead, and from there you can start tracing backwards towards the source 🙂

  65. I don’t get it. Polymorphic viruses have been around for ages and any decent virus would use polymorphism. Is the writer saying that most anti-virus programs are still not able to deal with them?

    1. @Peter: Anti-virus products primarily use “signatures” to identify malware. This is why your AV software updates every day. New signatures of ever-changing malware are created and sent to you. It is a cat-and-mouse game, with the AV companies always one step behind the malware. Other strategies are used to identify malware, but unfortunately they are generally less successful than signature identification, and result in many more false positives.
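As an added illustration (not from the article or any commenter) of the "other strategies" and their false-positive cost mentioned in the reply above: a behavioural heuristic that flags files whose bytes look encrypted by measuring their entropy, run over constructed samples. The threshold value, sample names and sample contents are assumptions; the point it makes is that a legitimate compressed archive trips the very same check as a CryptoLocker-encrypted file.

```python
"""Entropy heuristic for 'does this file look encrypted?', with its false-positive trade-off."""
import math
import random
import zlib
from collections import Counter

ENTROPY_THRESHOLD = 7.5   # assumed cut-off in bits/byte; uniformly random bytes approach 8.0


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte-value distribution, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(data: bytes, threshold: float = ENTROPY_THRESHOLD) -> bool:
    """Behavioural heuristic: flag content whose bytes are close to uniformly random."""
    return shannon_entropy(data) >= threshold


def classify(samples: dict[str, bytes]) -> dict[str, bool]:
    """Run the heuristic over named samples; True means 'flagged as encrypted'."""
    return {name: looks_encrypted(blob) for name, blob in samples.items()}


def build_samples(seed: int = 1234) -> dict[str, bytes]:
    """Constructed inputs (seeded, so the result is reproducible):
    a plain-text document, a stand-in for its CryptoLocker-encrypted copy,
    and a legitimate zlib-compressed copy of the same document."""
    rng = random.Random(seed)
    words = ["invoice", "total", "due", "customer", "address", "quantity",
             "unit", "price", "tax", "shipping", "order", "date", "notes"]
    document = " ".join(rng.choice(words) for _ in range(6000)).encode()
    encrypted = rng.randbytes(4096)        # random bytes stand in for ciphertext
    archive = zlib.compress(document, 9)   # deflate output is also near-random
    return {"invoice.txt": document,
            "invoice.txt.encrypted": encrypted,
            "invoice.zip": archive}


if __name__ == "__main__":
    for name, flagged in classify(build_samples()).items():
        print(f"{name:22} flagged={flagged}")
```

Only the first sample passes as clean; the archive is flagged alongside the ciphertext, which is exactly the false positive a signature-free heuristic has to live with.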

    1. @Allan Holman:
      Think about it: the files are modified and encrypted by the virus, so Dropbox would see that as an update to the files and update the ones on the server; from there it would spread to anyone else with that same Dropbox folder.
