CryptoLocker UPDATE

BeckyStrause

Security Bulletin: CryptoLocker – UPDATE

Please note, this is VERY important information for each and every user to have.  Please take a few minutes to check it out and share this info with others.  It can affect anyone, but knowledge and staying on guard can help protect you.

The crooks behind CryptoLocker are dastardly! (And possibly brilliant!)

To recap, CryptoLocker is nasty ransomware that infects a computer, and connected drives, and encrypts the files.  Then a ransom is requested for the decryption key so the user can get his files back.  The ransom, payable via Bitcoins or MoneyPak, is usually around $300 for the first 72 hours.  Don’t worry about counting down the hours, CryptoLocker installs a countdown timer so the victim knows just how many minutes he has to pay the bribe.  The user’s choices are to either permanently lose his files or pay the $300.  Even if the actual malware is removed, the user’s files remain scrambled and inaccessible.

However, CryptoLocker has good news for anyone who has missed their 72-hour time limit.  For a measly $2,100 (approximately, based on Bitcoins current exchange value) the victim can still get a decryption key.  Lawrence Abrams from Bleeping Computer.com said, “They realized they’ve been leaving money on the table.  They decided there’s little sense in not accepting the ransom money a week later if the victim is still willing to pay to get their files back.”  So CryptoLocker has set up a dedicated decryption service where the victim can go after their ransom time limit has expired and buy a key to decrypt his files.

At this point, the best way to combat CryptoLocker is to have a good offsite backup.  Not just any backup will do, because it’s possible that even a user’s backup file can be encrypted by CryptoLocker.  But if a user has an appropriate offsite backup, he can let his captive files be deleted and use the backup.   This solution is much better than paying the ransom money and rewarding the captors.  The backup has to be set up before the attack happens, unfortunately hindsight doesn’t help with situations like these.

Today is not to late too be prepared, but tomorrow might be.  If you need to set up a backup to keep your files safe, or have questions about whether or not your backup is safe from attacks like these please contact Eberly Systems at 610-374-4049 or info@eberlysystems.com.  Also, if you suspect your computer has been infected with CryptoLocker or any other type of malware or virus, please contact us as soon as possible.  The longer you wait, the worse it can get.

For more insight and info on CryptoLocker, check out Krebs on Security or Bleeping Computer.

In-the-Field Device Management: Why It Matters for Your Business

By Guest Blogger December 9, 2025
Why Device Management Is Critical

SECURITY NOTICE: Calendar Phishing - A New Way Hackers Try to Trick You

November 25, 2025
What Is Calendar Phishing?

Cybersecurity Hygiene 101: What Every SMB Should Be Doing

November 4, 2025
Why Cybersecurity Hygiene Matters for SMBs

Leading with AI: How SMBs Can Leverage Artificial Intelligence to Strengthen Every Critical IT Role

October 28, 2025
Why Leading with AI Matters for Small and Medium-Sized Businesses

SECURITY NOTICE: Fake CAPTCHA

October 10, 2025
Fake CAPTCHA Sites Hijack Clipboard to Install Malware

SECURITY NOTICE: Business Email Compromise

October 10, 2025
Understanding Business Email Compromise (BEC)

The Cyber Cold War: How Global Tensions Are Reshaping the Digital Battlefield

By Kordel Eberly August 17, 2025
Welcome to the Cyber Cold War
fish hook

Catching the Big Phish

By Eberly Systems September 20, 2024
We're all in the same boat trying to avoid cybercrime! Here's our top ways to identify a potential phishing attempt.

Key Notes from the Security Team: Q3 2024

By Eberly Systems September 10, 2024
Focus on integrating with new team members and new customers

Key Notes from the Security Team: Q2 2024

By Eberly Systems July 9, 2024
Keeping you abreast of security news