Avast protects PCs against CryptoLocker ransomware.
Question of the week: I have read frightening stories about CryptoLocker locking computers. I don’t have $200 to pay blackmailers for my own files. How do I protect myself from getting attacked? Does avast! protect from CryptoLocker?
“Avast Antivirus detects all known variants of CryptoLocker thanks to our automated processing and CommunityIQ,” said Pavel Sramek, researcher and analyst for the avast! Virus Lab. “There are less than a dozen; this doesn’t seem to be a case of rapidly mutating malware.”
What is CryptoLocker?
CryptoLocker is malware known as “ransomware” that encrypts files on a victim’s Windows-based PC. This includes pictures, movie and music files, documents, and certain files on local or networked storage media. A ransom, paid via Bitcoin or MoneyPak, is demanded as payment to receive a key that unlocks the encrypted files. The victim has 72 hours to pay about $200; after that the ransom rises to over $2,200.
How to get CryptoLocker?
The CryptoLocker virus is often attached as an executable file disguised as a PDF attachment to an official-looking “spoofed” email message which claims to come from banks, UPS or FedEx claiming to be a tracking notification. When someone opens the email, they are asked to download a Zip file that contains an executable file (.exe) that unleashes the virus. There is also evidence that CryptoLocker started with infections from the ZeuS or Zbot banking Trojan and is being circulated via botnets to download and install CryptoLocker.
How to protect your computer from CryptoLocker?
Avast users should be safe from infection during the short period when the malware is new and “undetected” as long as AutoSandbox and DeepScreen are active. “The infection is prevented by means of a dynamic detection,” said Sramek.
“We also automatically add detections for each new sample that passes our backend filters,” said Jiri Sejtko, Sramek’s colleague in the Avast Virus Lab.
“Having a backup is always a good idea – who knows when CryptoLocker v2.0 will be released, and every antivirus solution is reactive by nature,” said Sramek. “The encryption used is virtually unbreakable, there is zero chance of recovering files after infection.”
Avast has free ransomware decryption tools here.
Read the warning issued to American computer users from US-CERT, and the warning to British users from NCA’s National Cyber Crime Unit.