“CryptoLocker is a ransomware trojan which targets computers running Microsoft Windows and first surfaced in September 2013. A CryptoLocker attack may come from various sources; one such is disguised as a legitimate email attachment. When activated, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware’s control servers. The malware then displays a message which offers to decrypt the data if a payment (through either Bitcoin or a pre-paid voucher) is made by a stated deadline, and threatens to delete the private key if the deadline passes. If the deadline is not met, the malware offers to decrypt data via an online service provided by the malware’s operators, for a significantly higher price in Bitcoin.

Although CryptoLocker itself is readily removed, files remain encrypted in a way which researchers have considered infeasible to break. Many say that the ransom should not be paid, but do not offer any way to recover files; others say that paying the ransom is the only way to recover files that had not been backed up. Payment often, but not always, has been followed by files being decrypted.”



See CryptoPrevent and HitmanPro for preventive methods.

If you’re unsure of your security, call us for support. Be warned though, if you are attacked by Cryptolocker your DATA will most likely be lost if preventive methods aren’t implemented. Most anti-virus and/or anti-malware programs will not stop your data from being encrypted. Prevention is the best means of securing your DATA. BACKUP BACKUP BACKUP! And keep your BACKUP in a safe location that can’t be accessed by the computer via any network or USB.


Michael Howard