Cryptolocker ransomware no cause for New Year celebration: Sophos
Posted December 16, 2013
From operating systems on desktops to software and peripherals on smartphones, information thieves have been clever, inventive and stealthy in finding pathways for stealing personal information. Malicious software is alive and well; one only has to glance at the daily headlines reporting on security exploits in the government and private sectors. A new report from the security firm Sophos, “Security Threat Report 2014,” calls attention to the latest types of security headaches. They include ransomware, the type of malicious software that locks you out of your computer or your data and demands money to let you back in. Ransomware itself is nothing new: the ploy is to make files inaccessible and then demand money from the victim before the attackers hand back control of the system.
But this year Sophos security experts saw a newer ransomware version, called Cryptolocker. In a blog posting about the report, company CTO Gerhard Eschelbeck called Cryptolocker an exceptionally nasty strain, locking users out of their files with the use of “extremely strong” encryption. The Cryptolocker thieves have thus far been successful in getting their victims to pay large sums in electronic payments. The report said that Cryptolocker is ransomware that “adds itself to the list of Windows programs that run at startup, tracks down an infected server, uploads a small ID file from your computer, retrieves a public key from that server (which stores a matching private key), and then encrypts all the data and image files it can find on your computer.”