Security Alert: CryptoLocker 2.0

Please add feature image

By: Daystar - Your Technology Partner April 2, 2014

Cybersecurity| Article Post| Operations| IT

SHARE this post!CryptoLocker 2.0

We are seeing a new version of the crippling malicious software CryptoLocker that hit the digital community last fall and winter. It dubs itself CryptoLocker 2.0, but it is actually a copycat, or a completely new version, of the malware. In the last week alone, we have come across almost half a dozen area businesses victimized by attacks.

There are technical differences between the two, however the delivery and result are similar.

  • CryptoLocker 2.0 normally attacks via e-mail. In addition to the original messages with bogus links, CryptoLocker 2.0 also hides in zipped files within messages with routine subject lines like: "New Fax : 2 pages" purporting to come from an administrator account within your company's trusted domain.
  • Once the user opens the attachment or link, the ransomware is loaded. In addition to all of the Office and database files the original version encrypted, CryptoLocker 2.0 also encrypts photos, video and music files, and more. Theuser is completely locked out of their own files.
  • CryptoLocker 2.0 then posts a message on the user's screen demanding payment to decrypt files.
  • Normal security prevention and antivirus tools will NOT prevent or clean up the infection.
  • Files can only be recovered from a backup restore and system rebuild or, in the worst case scenario, by paying the ransom.

What to do:

  • Notify your users immediately! Tell them to be wary of any e-mail messages with unexpected links or attachments. Any suspicious e-mail should be verified as legitimate before clicking on any link. If in doubt, DELETE it!
  • Verify your backups and make sure they are operating properly. Hopefully, you won't need it, but if you do, you'll be glad to know it's up-to-date.
  • If you become infected, instantly remove the device from the network and shut it down. Contact Daystar immediately for assistance.
We are currently testing proactive measures to help minimize your chance of infection from CryptoLocker 2.0. Unfortunately, there is no known way to completely prevent it. If you would like more information, please contact Daystar's Professional Services Group via your  client portale-mail, or via phone at 603.766.5924 x3.
 
For more information on CryptoLocker, please visit our original  blog post.

When was the last time you checked in on your IT performance?

The Business IT Checklist shows you the 7 steps you need to take to enhance your business technology immediately.

Download the 7-Step Checklist
business-it-checklist
Daystar - Your Technology Partner

Written by Daystar - Your Technology Partner

Would You Like to Work With Us?

Technology can be your best friend or your worst enemy.
We make sure it’s your best friend.

DayStar Logo - White 1

LOCATION 121 Shattuck Way Suite 10
Newington, NH 03801 Support: (603) 766-5924
Sales: (888) 507-8067

FOLLOW US
Contact Us
Daystar is a managed IT services provider and business technology integrator serving businesses and organizations in the tri-state area throughout New Hampshire, Maine, and Massachusetts.

© 2024 Daystar, All rights reserved.