A particularly nasty piece of malware, called CryptoLocker, is now targeting home internet users, after initially focusing on professional users. It first surfaced in early September 2013 and prevents people from using their computers by locking the screen and holding files for ransom. This includes photos, music files, Word documents and other information and, of course, all of your online identity information.


CryptoLocker usually displays a countdown clock with a message saying that if a fee isn’t paid within the stipulated time, data will be destroyed. To date, it’s estimated to have infected about 250,000 people, mainly in the UK and the US.

CryptoLocker first started spreading via spam emails that purported to be a customer support message from a delivery service such as DHL, FedEx or UPS. Later it was distributed via emails that claimed there was a problem clearing a cheque. In both cases, victims clicked an attachment, at which point CryptoLocker was installed on the computer.

Email virus protection

Clearly, it pays to keep one narrowed eye on emails claiming to be from a company you may have heard of but haven’t used or, if you have used it, that arrive with an attachment. Email is CryptoLocker’s main method of infection, so watch out for those unsolicited emails bearing unwanted attachments.

That said, the best steps to guard against CryptoLocker are the same as those employed against any malware attack or hardware failure. Number one, make sure you have good antivirus software in place that detects CryptoLocker before encryption takes place and, number two, regularly back up your data.

Back it up

The backups should be in a form that’s disconnected from your computer, because CryptoLocker will seek out connected USB drives and network shares and attempt to encrypt those files too.

If you’re wondering, CryptoLocker differs from most ransomware we’ve seen to date. Traditional ransomware, which has been around in various forms for over 20 years, uses customised cryptographic implementations. CryptoLocker, however, uses certified cryptography offered by Microsoft’s CryptoAPI and follows best practice guidelines.

In short, this means the hackers have created a robust programme that is difficult to circumvent once it is installed on a machine. And this is why it’s particularly nasty.

Written by Steve Bell

Steve has a background in IT and business journalism and in the past has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies in a copy and content producing capacity. He has a particular focus on IT security and has been involved in writing about the industry at various levels ranging from magazine launches to producing newsletters. He also runs a small copy writing business called Art of Words. When not bashing away at a keyboard he can sometimes be found in a boxing gym making futile efforts to keep fit or marveling at the works of Sufi poets such as Jalaluddin Rumi and Hafiz of Shiraz.
