Ransomeware update issued by ESET
CryptoLocker is new ransomware, which is a type of virus that extorts money from users.
CryptoLocker hijacks users’ documents and asks them to pay a ransom (with a time limit to send the payment).
A user receives an email with a password-protected ZIP file pretending to be from a company or person you know.
A user then opens the attached ZIP file, by entering the password included in the message, and attempts to open the PDF it contains. CryptoLocker takes advantage of Windows’ default behavior of hiding the extension from file names to disguise the real .EXE extension of the malicious file.
The Trojan then encrypts the users file’s content with the AES algorithm.
- Please be wary of emails from senders you don’t know, especially those with attached files.
- Disabling hidden file extensions in Windows will also help recognize this type of attack.
- Have an online backup system in place.
Latest threats: How else CryptoLocker spreads:
- A user gets prompt to enable macro, it runs and then their data gets encrypted.
- Dont run macros for Microsotf office and similar software programs
- Dont open files you dont know in an email
- Contact your IT support person if you encounter a file that looks suspicious, or any suspicious pop-ups