Sunday, September 15, 2013

Info on the type of ransomware we are dealing with.

CryptoLocker is not the first piece of malware to encrypt the files of a computer. And chances are it will not be the last. This post will offer info on this type of infection as a whole.

First off, this type of malware is not new at all. The first piece of malware to encrypt files was called "PC Cyborg." Written in 1989, this malware claimed that a user's license to use a certain piece of software had expired. It then required the user to pay 189 US Dollars to unlock the system.

Ransomware that encrypts files is the new breed of moneymaker for malware writers. And considering that it has become relatively easy to encrypt files, this can now be done by an individual or a small group rather than a large company.

In the past, rogue antivirus programs were seen as the main moneymaker. But credit card merchants have caught on to this fact, which is one of the reasons why the amount of rogue antivirus software is decreasing.

Now, ransomware authors demand payment via a prepaid card such as GreenDot MoneyPak or Ukash, and now via Bitcoins. They do this because payment via one of these methods is somewhat like cash. It's virtually untraceable, and once the money is gone, it's gone.

Unfortunately, education is the only way to prevent infection. Without education, users will continue to open email attachments they shouldn't, use weak passwords, and go to websites that they should not.

I suggest that no one pay the ransom. Doing so only encourages the writer or writers to continue because the scam is working. Besides that, there is no way of knowing what you are funding when you pay. For all a user who pays knows, he or she could be funding terrorism.

But by the same token, I know that sometimes it is important for a user to get his or her files back using any means necessary.

As for steps a user should take to avoid having to pay should he or she get infected, backups are the only clear way to do it. Writing decryption tools is hard work and will not always succeed.

And because the type of encryption now being used by the ransomware has never been broken, there is little hope that decryption tools will be a safe bet for a long time to come.
