Yuval Ben-Itzhak, CTO at security software company AVG, said: “Ransom malware has been around in different variations since the early 1990’s.” This malware has been terrorizing people for a long time and still some of us don’t understand when they got it and how can protect their files and computers. “The email would have a zip file attachment which contains the executable code for the malware disguised as a PDF file. If the user clicks on this PDF icon, it infects the computer as soon as it opens,” Ben-Itzhak added.
Then CryptoLocker using a randomly-generated name installs into your “Documents and Settings” folder. It gets in a list of programs in your registry and automatically loads itself every time you logon. Then it pops up a message on the screen demanding you to pay (usually 300 USD or EUR) in a limited time period to receive the private key for your data. Recently a choice of a new payment method was given to users. CryptoLocker describes bitcoin as the “most cheap option” and asks for 2 BTC.
According to Bitbargain post on its blog, there are more and more customers who try to buy bitcoins exactly in order to pay for the CryptoLocker malwares threats. Bitbargain’s blog post explains: “Knowingly accepting money so that the coins may be sent to the criminals would turn the service into a money laundering operation, encourage the criminals to take this to a higher level, not to mention the sellers could easily get tangled up in a police investigation or get their bank accounts frozen.”
There are a number of precautions for users to minimize the risk of CryptoLocker malware infection or other types of malware. Ben-Itzhak advised to have an active and up-to-date antivirus program on their PC. You should also remember to make regular backups. It is important to store your backup in safe place, preferably offline. And most important – avoid opening unknown unexpected attachments, especially from unfamiliar addresses and people.