OK, from what I have gathered, this is my 10th blog post regarding CryptoLocker. And if you are reading this, you likely already know what it is. But for those of you who have not heard any computer security news for the past two months, CryptoLocker is a piece of file encrypting ransomware that you can learn more about by looking at my other posts regarding it.
Not a whole lot more to talk about that is new. CryptoLocker is still being spread via email as an attachment. This attachment is normally a executable that is in a zip file format. This file can be unzipped to find the executable that you can then run.
But something new-ish is that the zip file is now password protected. This is a measure used to prevent mail filters that companies are setting up from blocking files with a .zip file name extension. Because these filters are not made to block password protected files.
This is both a good sign and a bad sign.
It is a bad sign because the makers of CryptoLocker are monitoring to see what methods are working to prevent infection.
It is a good sign because companies are now paying attention to CryptoLocker.
I do not see this issue with CryptoLocker going away any time soon. Granted, we may find the makers of CryptoLocker. But that will not stop other creative malware writers from making their own CryptoLocker. The cybercriminals who made this know that this makes money.
But I do know that when this method gains popularity with malware writers, they will make mistakes. Whoever made CryptoLocker did not cut any corners. We will be able to exploit mistakes in order to find a way to defeat this.
But until then, we must press on the fight against CryptoLocker.
And with that, I deliver the following sentence. A plea, a promise, a call:
We must stand united to repel CryptoLocker and other such invaders from our internet.
Thank you for reading, I invite readers to comment with any questions or comments.
No comments:
Post a Comment