CryptoLocker is getting common enough that it's starting to get a few mentions in mainstream news. I've spent a while trying to find an article about it that's not written by an idiot, and there's some very bad advice being soundbyted in the news. BEFORE you get infected, you're better off reading something that's written by people who actually know what they're doing, so try these:
Macs (so far) haven't been infected with this specific version, but there are others that do work on macs, so you should be doing everything, too. The program usually comes attached to an email, but you can also get it by clicking on unknown links. NEVER click a link blindly. Hover your mouse over it and you'll see the real address pop up either right under your mouse or at the bottom of your screen. Try it on the links above - the first should go to reddit, and the second to nakedsecurity.sophos. If it's a shortened address like bit.ly, use the unshortenit extension on your browser (FF or Chrome, and ffs STOP using IE) to check any condensed address before clicking it.
If you execute this file, it will connect to an external server, obtain a code from it, and immediately encrypt ALL of your files. In layman's turns, it will scramble them in a way you cannot unscramble. Neither can your brother in law the computer genius. Neither can the NSA (ok, maybe they can, but they're not hiring out their services). You will be told you have 3 days to pay them $300 via a prepaid credit card or 2 bitcoins. If you pay them within 3 days, they will send a 2nd code to your computer that unlocks your files and a program to prevent re-infection (they really do this, because they want to keep people paying). If you wait longer than 3 days, too late. You will have lost all of your baby pictures, emails, writing projects, budget sheets, music, video - every file that can be seen in a file folder window can be encrypted.
To try to mitigate the damage- on Windows 8, use the File History option under control panel - this is not enabled by default, you have to turn it on. On macs, use the Time Machine. On Windows 7 or older, you need to use an external program - they have a built in service that backs up your system files, but this does nothing for your personal files (pictures, documents, music, video, etc). Keep frequent backups so you can, AFTER removing the ransomware, restore to a previous point. You will not be able to recover anything between the backup and the encryption, so the more often you back up, the better.
Do NOT use the default Admin login when using your computer. Set everyone in the house up as their own user. Yes, this is an inconvenient PITA when you want to download and install something, but inconvenient is better than all your pictures disappearing forever.
(this one should be a no brainer, but) DO NOT click links in emails, and even if it is a company you recognize or an email from a friend. Go there directly through your browser. If it's a message about needing to update your info, you should be informed of that when you log into the side directly. Obviously this doesn't count for something like password retrieval where they send you a link to reset it when you ask, but only when you ask for it.
If you're more tech savvy, you should look into setting up a home network that backs up files to an external drive that is only connected during backupAnswer Question
Answer by m-avi at 11:23 AM on Oct. 25, 2013
Answer by Ballad at 11:46 AM on Oct. 25, 2013
Answer by okmanders at 1:03 PM on Oct. 25, 2013
Answer by okmanders at 10:55 PM on Oct. 25, 2013
Posts with Most Replies