October 2013

CryptoLocker -- Game-changing malware

One of the most widespread pieces of malware making the rounds these days is an updated version of a payload that first appeared quite a few years ago.  This malware, known as CryptoLocker, is a form of "ransomware," a program that holds the user's data files hostage until that user pays to have those files released.  I wrote about this type of malware in my book, Bug-Free Computing:  Stop Viruses, Squash Worms, and Smash Trojan Horses, original Copyright 2005.  But CryptoLocker is a much more sophisticated variant of this attack.

All of the major anti-virus software vendors are aware of CryptoLocker, and many have written about it.  There has also been a lot of misinformation and bad advice on the subject from various sources, even some that would normally be considered reputable.  Rather than attempt to reinvent this wheel here, I will offer my general observations and recommendations, followed by a link to a blog post that I believe does an excellent job of presenting the facts about CryptoLocker.