Monday, May 9, 2016

New Variant Of CryptoLocker Virus



This months article focuses on a new High Risk virus based on the 'Cryptolocker' virus which is being widely distributed on the internet, via various emails and infected websites, and is now infecting Irish computer users.
Virus Details:
This virus, as with the original crypto virus, is an extremely dangerous and damaging virus as it will encrypt your data and there is NO KNOWN way to unencrypt the data. This virus has the potential to effectively cripple your ability to access your data. The virus will encrypt data on your local computer usb devices and network shares and the encrypted files will replicate to cloud storage.  It operates in stealth mode(silently unknown to you) and will announce its presence only when the damage is done.
Currently no anti-virus software is capable of 100% defence against this virus and regardless of when it is detected it is likely it will have encrypted data.
Your Cloud storage will be affected by this virus as your pc will synchronize your cloud with the local files. Your smartphones and tablets will replicate the encrypted files to those devices effectively wiping out all unencrypted versions of your files.  Cloud storage SHOULD NOT be counted as a valid backup device with this virus. This virus targets photos,music and video files as well as a host of other files.
The authors have learned from the shutdown of the crypto virus and now rely on multiple unique web pages located on the dark web to thwart any attempt by police forces to shut down the operation. As payment is requested in Bitcoin this ensures it is virtually impossible to track the culprits. In coming articles I will explain in more detail  bitcoin, The Dark web, and encryption.
Method of Delivery
This virus relies on various methods for delivery including Microsoft word documents which when opened downloads the virus from the internet. Using this method the authors have been able to defeat the protection provided by your anti-virus software.  As the kit for this virus is being sold to criminals other methods will be employed to deliver it to you.