Beware: a new wave of Cryptolocker attacks is targeting Australians

By on
Beware: a new wave of Cryptolocker attacks is targeting Australians

Cryptolocker is a nasty form of malware that encrypts files on the victim's computer and holds them to ransom. Pay up, and your files are decrypted - at least in theory, though there have been reports of cases where victims have paid the ransom but their files remained unusable.

A good backup regime can help protect against this type of malware - you don't need to decrypt a file if you have a copy of it - but there's always the possibility that a new and hard to recreate file may be encrypted before it is backed up.

A new wave of Cryptolocker attacks is targeting Australians and demands a ransom of $450 if paid promptly, rising to $1000 if victims delay payment.

According to Symantec, the malware arrives in the form of a zip archive that "uses the name of a major courier firm in its file name."

A lot of businesses use couriers, so this is a fairly good way of tricking people into running malware. It's a similar strategy to the fake ATO,this-is-what-the-scam-australian-taxation-office-email-looks-like.aspx and Westpac,warning-westpac-scam-alert.aspx malware campaigns we reported two years ago.

Unfortunately, Symantec's warning about the latest Cryptolocker campaign paid more attention to the appearance of the malware once it executes (it uses the 'Los Pollos Hermanos' branding from the TV show Breaking Bad) rather than giving clues about how we can recognise the emails that are used to deliver it.

Symantec's - and presumably other vendors' - security software can detect this Cryptolocker variant, but always think twice before opening attachments. For example, is the purported sender actually one of your customers or suppliers, and are there any indications that the email might not really be from that organisation?

Copyright © BIT (Business IT). All rights reserved.

Most Read Articles


What would you like to see more of on BiT?
How To's
Photo Galleries
View poll archive

Log In

  |  Forgot your password?