I have recently become aware of CryptoLocker which is a new type of worm that will try to infect your computer. It targets Windows machines and the way that it works is that it encrypts files on your machine so that you cannot access them without using a key to unlock the files. In order to gain the key you need to pay money to the bad guys, usually $300, €300 or 2 Bit Coins.
CryptoLocker is spread via email. You receive an email that includes an attachment and when you open the attachment the payload is usually installed into your Documents and Settings with a random name. One of the reasons that this worm is proving so successful is that many Windows machines are configured to not display the extension type of documents and so the user does not realise that the attachment in the email is in fact an executable file (.exe).
Once installed the worm adds a key to the registry and on start up it then contacts a server where a 2048 bit key pair is generated. It then starts to encrypt various files that it finds on your hard drive or network and ties each encrypted file back to the registry key. Once the encryption has taken place you will see a message displayed that informs you that your files are encrypted and that the only way to access them is to purchase the key. Further you are also informed that you have 72 hours to make the payment or the key will be destroyed and your encrypted files will never be able to be accessed again. The strength of the encryption is so strong that you will not be able to crack the key and your files may as well have been deleted.
So how much is your data worth? Please take care when opening email attachments and also consider backing your data up. You should really back up all important files on an external hard disk and also in the cloud. That way even if your home or office is either burnt down or flooded you will still have an off site back up of your data that can be recovered at a later date.
All too often we here disaster stories about people who have lost their data and we all think “It couldn’t happen to me”, unfortunately it could happen to you. CryptoLocker is just the latest in a long series of methods that could result in you losing your precious data, be it personal or business. If you do not already back up then please start to do so before it is too late!