Virus Warning: What is Cryptolocker and what you can do to avoid it

  • 2
  • June 6, 2014

Update 2: Cryptolocker mastermind has been taken down. It seems like the main threat is removed. However there will be copycat viruses out there so we advise to please stay diligent when opening foreign looking e-mails and attachments.

Update: It looks like the Cryptolocker botnet was taken down stopping the spread of the virus, the threat is lessened for now, but Computerworld is reporting replacement ransomware viruses are coming.

A previous Trojan only problem has evolved into a virus and is spreading itself around, the effect of the Cryptolocker virus can cause a lot of problems. The Cryptolocker virus – once It gets into your computer ­– will start encrypting all your files in a 256 bit AES-CBC and 2048 bit RSA, which is virtually undecryptable without the key. Cryptolocker will then offer you to unlock your files back for a fee, usually $500, this style of virus is called ransomware and the Cryptolocker virus is the most recent and prevalent of its kind. Cryptolocker currently only affects Windows PC’s. So for the time being Apple, Linux and mobile phones.

What can you do to avoid Cryptolocker

  • Spot the e-mails that deliver Cryptolocker: the main culprit e-mail is one stating that you have an attached fax, once you open that fax Cryptolocker is installed and it will start encrypting your files. Be wary and critical of what you’re opening. Don’t open files from unknown sources.
  • Run an anti-virus and keep it up to date.
  • Back up your data: The only way to get your files back without paying is to have a copy of those files stored somewhere that isn’t on the infected machine.
  • If a computer is infected remove it from the network
  • Ensure that your mail system will not accept .exe attachments.

What do you do if you have been infected

You have very little recourse if you are infected by the Cryptolocker virus. Paying the fee has shown to unlock files but it’s not always reliable, cybercriminals aren’t always the most honourable kind of people. If you have a backup set of files in a remote location it would be wise to start with a fresh install of a computer with the latest patches and antivirus updates to continue working.


Ready to get started? Call us at 416-363-9880 Ask Us Anything!