New ransom malware making the rounds.

Posted: Wed Jul 15, 2015 7:39 am
by Crabber85
Apparently the old versions of Cryptolocker and Cryptlock have been revamped in an effort to foil anti-malware programs by changing subtle things like the behavioral characteristics of the malware itself, and even adding a new feature to these malicious programs that allows them to detect when they are being scanned by anti-malware programs and even to detect when the anti-malware attempts to neutralize them, which often ends up with the malware locking the system down to protect itself from detection and deletion. This is making it even harder for the anti-malware/anti-virus companies to keep up with this growing threat.

The only way to protect yourself against these encryption threats is to keep your system up to date, regularly update your anti-virus/anti-malware and make sure to run a good firewall like Comodo personal firewall; otherwise you run the risk of picking up one of these nasty ransomware encryption programs. If you get infected with an encryption infection you will lose all of your data that the program has encrypted, because most of the anti-malware programs will just delete the encryption software and everything it has encrypted to get rid of it.

These encryption programs usually only go after your personal folders like documents, pictures and videos and typically leave the rest of the system untouched, so if you can use an external storage device like a USB memory stick/drive, external hard drive or even cloud storage, this will give you the option of having a backup of your missing files to restore from. But if you use an attachable external memory, make sure to remove it once it has been written to; otherwise the encryption program will detect it and encrypt it, locking it up as well. Backing up your sensitive data regularly on an external storage device is both highly recommended and a good security protocol to protect your sensitive data. Personally I use a USB memory stick to keep my personal documents and files stored and backed up to protect them.

If you find yourself the victim of encryption malware, don't pay any money for the decryption key, as all you will do is lose your money and get nothing in return.

Posted: Thu Jul 16, 2015 9:48 am
by Laurie LeAnn
This is how my brain works now... malware? I see your post... first thing that pops in my head is dishes! Lol!! Did you mean random instead of ransom?

Posted: Thu Jul 16, 2015 2:10 pm
by Crabber85
@Laurie, no, I meant ransom. This type of malware (malicious software used for harmful purposes) holds your data hostage and demands a ransom in either cold hard cash or bitcoins to get the data back. In this case the way the malicious software holds your data hostage is by encrypting it so that it cannot be accessed unless you pay the money to get the key that will unlock the encrypted files.

An encryption program works by hiding the data in a file by changing the language of the file to something the computer cannot understand. This makes the file inaccessible or unreadable by the computer, rendering it useless, and the only way to return the file to normal is to have the key, which will give the computer the ability to convert the file back to its original condition, thereby making it accessible or readable.

Ransomware is a specific type of malware or malicious program that works to take your files hostage, or in certain instances the entire computer, like the FBI money pack scam. The problem with ransomware like Cryptolocker that encrypts your data is that the decryption key is generated and stored on the attacker's server at the time your files are locked away, which means that these keys are one of a kind and only occur once. Because so many of them are created on a daily basis, the older keys get deleted after two or three days to make room for the newer incoming keys, so the likelihood of you obtaining the specific key you need to unlock your files is close to zero, as they are often already deleted before you would have had the chance to pay for it. That makes paying the ransom moot or obsolete, which is why most people who are stuck facing this situation will just opt to have the ransomware and all of the encrypted files deleted using an anti-malware program like Malwarebytes anti-malware or Emsisoft's anti-malware.

Cryptolocker, Cryptodefense and Cryptowall all use the RSA-2048 encryption method that Microsoft uses legitimately to protect your data. The problem is MS didn't think ahead and left the RSA system open to misuse and abuse by hackers and left Windows users holding the bag.