It uses strong cryptography to lock all files that a user has permission to modify, including those on secondary hard drives and network storage systems. "We went ahead and killed the local network connection on the machine in question and we were immediately presented with a screenshot letting us know exactly what we were dealing with." AdvertisementĪccording to multiple participants in the month-long discussion, CryptoLocker is true to its name. "After reading about the ransomware on reddit earlier this week, we guessed what we were dealing with, as all the symptoms seemed to be popping up," Nic, who asked that his last name not be published, wrote in an e-mail to Ars. By the time CryptoLocker had run its course, hundreds of gigabytes worth of company data was no longer available. A quick investigation soon uncovered other corrupted files, most or all of which had been accessed by the accounting employee.
Within a few hours, the company's IT department received word of a corrupt file stored on a network drive that was available to multiple employees, including the one who received the malicious e-mail. He then locked his computer and attended several meetings. When the receiver clicked on it, he saw a white box flash briefly on his screen but didn't notice anything else out of the ordinary. But accounting employees are used to receiving e-mails from financial companies. Yes, the attached archived zip file with an executable inside should have been a dead giveaway that this message was malicious and was in no way affiliated with Intuit. It started when an end user in the client's accounting department received an e-mail purporting to come from Intuit.
If this wasn't already abundantly clear, consider the experience of Nic, an Ars reader who fixes PCs for a living and recently helped a client repair the damage inflicted by a particularly nasty title known as CryptoLocker. Malware that takes computers hostage until users pay a ransom is getting meaner, and thanks to the growing prevalence of Bitcoin and other digital payment systems, it's easier than ever for online crooks to capitalize on these "ransomware" schemes.
0 kommentar(er)
