Dangerous malware CryptoLocker holds data ransom

What is CryptoLocker?

CryptoLocker is a ransomware program that will encrypt certain files such as Microsoft Word, Powerpoint, Excel, Pictures, Music, Videos, etc.  When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom order to decrypt the files.

CyptoLocker payment screenshot:

payment screenshot

What computers are at Risk?

Microsoft Windows systems running Windows 8, Windows 7, Vista, and XP operating systems.

Why it it dangerous?

Your data files are encrypted with a unique key that only the hackers have access to.  The encryption cannot be broken at this point in time without the key.  When your data is encrypted and the key is lost, the data is essentially lost forever.

What if I think my computer is infected?

  1. Disconnect the computer immediately from ALL networks; wired or wireless
  2. Contact the UA Support Center 330.972.6888

How can I protect my computer?

  1. Routine backups of important files
  2. Do not follow unsolicited web links in email or open email attachments that you don't expect; even if they are from people you know.
  3. Follow safe practices when browsing the web; see the section below on Good Security Habits.

Further reading on how to protect your computer and data topics can be found on United States Computer Emergency Readiness Team's (US-CERT) web site:

  1. Avoiding social engineering and phishing attacks: http://www.us-cert.gov/ncas/tips/st04-014
  2. Using Caution with Email Attachments: http://www.us-cert.gov/ncas/tips/st04-010
  3. Good Security Habits:  http://www.us-cert.gov/ncas/tips/ST04-003

Phishing Advisories

These are a sample of the current phishing email that have been seen in mailboxes at UA.


US Computer Emergency Readiness Team Notices