April 8, 2016

Cryptolocker is a common form of ransomware, a type of malicious software that encrypts a user’s files until a ransom amount is paid to the hacker. It generally targets computer systems running different versions of Windows. Essentially, Cryptolocker is a Trojan, which means that it can replicate itself and requires a host program to be executed.

How Does Cryptolocker Infect A Computer?

Cryptolocker mainly uses social engineering techniques to compel a user to execute the malware-laden file. It is generally spread through spam emails that claim to be from a legitimate authority, such as a bank or reputed company. When the user clicks or downloads any attachment in such emails, the malware file saves itself on the computer’s hard drive and adds a key to the registry to enable auto-run whenever the computer starts up. It may initiate two different processes on the system: one encrypts files and the other prevents detection or termination of the former process.

When a computer is infected with Cryptolocker, it may initially show no warning signs. The malware contacts the central server to receive the key for activation and begins encrypting the files stored on the system. The files most typically targeted by Cryptolocker have the following extensions: *.odt, *.ppt, *.pptx, *.doc, *.docx, *.xls, *.xlsx, *.orf, *.jpg, *.jpe, *.img, *.pst, *.mdb, *.psd, *.crt, *.pem, *.mdf, etc.

Once the encryption process is complete, the malware displays a pop-up on the screen, asking the user to make a payment in order to receive the key to decrypt the files or they will be deleted permanently.

How To Protect Against Cryptolocker?

  • Keep your computer system updated with the latest operating system, anti-virus programs and software security patches.
  • Do not open emails from unknown senders, and do not click on or download any unidentified attachments.
  • Block the execution of .exe files, including zip files, in your email and certain parts of the computer’s hard drive.
  • Disable hiding of file extensions in Windows.
  • Keep a backup of all your important data on the cloud or a removable storage device.
  • Remove local administrator privileges from your computer so that each time software is installed or executed, it requires entering the login credentials of a custom admin account.
  • Enable system restore to reverse any software installations, updates and driver changes as well as remove any malicious file that may have been accidentally downloaded.
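
The attachment rule in the list above can be enforced at a mail filter. The following is an added example, not code from the original article: it flags executable attachments, including ones packed inside zip archives and double-extension names that hidden file extensions would disguise. The function names, the extension list and the sample attachment are assumptions made for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumption: extensions treated as executable on Windows (list chosen for this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
MAX_DEPTH = 2                    # levels of nested zip archives to open
MAX_MEMBER_BYTES = 20 * 1024**2  # skip members that would unpack past 20 MiB

def classify_name(name):
    """Return 'double-extension executable' (e.g. 'invoice.pdf.exe', shown as
    'invoice.pdf' while Windows hides extensions), 'executable', or None."""
    clean = name.replace("\\", "/").rstrip(" .")  # Windows ignores trailing dots/spaces
    suffixes = [s.lower() for s in PurePosixPath(clean).suffixes]
    if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
        return None
    return "double-extension executable" if len(suffixes) > 1 else "executable"

def screen_attachment(name, data, depth=0, prefix=""):
    """Return the reasons to block an attachment; an empty list means allow."""
    label = prefix + name
    kind = classify_name(name)
    reasons = [f"{kind}: {label}"] if kind else []
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return reasons
    if depth >= MAX_DEPTH:
        return reasons + [f"archive nested too deeply: {label}"]
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            member = f"{label}!{info.filename}"
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # encrypted member cannot be inspected
                reasons.append(f"encrypted archive member: {member}")
            elif info.file_size > MAX_MEMBER_BYTES:
                reasons.append(f"oversized archive member: {member}")
            else:
                reasons += screen_attachment(info.filename, zf.read(info), depth + 1, label + "!")
    return reasons

def make_zip(members):
    """Build a zip in memory from {name: bytes}; used only for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member_name, content in members.items():
            zf.writestr(member_name, content)
    return buf.getvalue()

if __name__ == "__main__":
    sample = make_zip({"docs/statement.pdf.exe": b"MZ (constructed)"})  # constructed sample
    print(screen_attachment("statement.zip", sample))
```
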

For more information on Cryptolocker and other forms of computer malware, feel free to contact Centex Technologies at (855) 375 – 9654.