Ransomware 101: What You Need to Know About Filecoder and CryptoLocker

Written by EO Johnson Business Technologies | Tue, Dec 9, 2014

Ransomware is any malicious software used by cyber criminals to hold your smartphone, computer, or computer files for ransom in exchange for payment to regain access. Ransomware has become a popular way for malware authors to extort money from companies and consumers alike, using tactics such as phishing or exploiting software flaws.

CryptoLocker is a type of Filecoder ransomware. CryptoLocker, released in September 2013, targets Windows XP and later. It encrypts certain files then displays a screen that prompts you to send a ransom in order to decrypt them, and a timer giving you 72 hours to pay. This ransom, which is typically around $300, must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment, and it is verified, the malware decrypts your files.

How do I become infected with ransomware?

As with other Trojans, Filecoder malware can infect systems in several ways, including:
Drive-by downloads from malware-laden, or compromised websites
Email attachments posing as receipts or invoices
Installation by another Trojan-downloader or backdoor infection

What can I do to protect my business?

Check with your IT department or IT service provider as to if you are protected. If not, choose antimalware software that uses advanced heuristics, which can detect new malware variants including ransomware.
Use URL filtering to block categories of websites such as pornography and gaming, which are common fronts for distributing malware.
Perform regular, off-line, off-premise backups of data and employees’ file.
Do not allow peer-to-peer file sharing software on your computers or networks.
Beware of little-known websites offering license keys for software at low prices.
Provide employees with cyber security training that covers ransomware.

For more information see www.welivesecurity.com or browse the following specific articles:

View full post