NEWS FROM THE LAB - Tuesday, November 19, 2013

CryptoLocker: Better Back Up Your Stuff Posted by Sean @ 19:34 GMT

If you haven't heard much about "CryptoLocker" yet… you will.

Unlike much of the ransomware we've written about in the past, CryptoLocker doesn't attempt to use police themed trickery or other sleight of hand. It's strictly business. It infects via e-mail attachments (zip files containing supposed PDF files) and then sets about encrypting all of your personal data files — photos, music, documents, et cetera.

And then… you have three days to pay the ransom. Or else.

CryptoLocker is trending in the US:

US-CERT Alert (TA13-309A)

And in the UK:

Mass ransomware spamming event targeting UK computer users

It's largely a problem in English-speaking countries because that's the language used in the e-mail bait. For now. It's certainly only a matter of time because somebody decides to expand into other languages.

And here's the kicker. One of the ways in which you can pay? Bitcoin.

Cryptolocker, Bitcoin
Source: Microsoft

That's right, CryptoLocker accepts everybody's favorite cryptocurrency as payment. And that's why this could be a tipping point. One of the biggest factors keeping ransomware at bay is the difficulty it takes to get paid. Thanks to Bitcoin and other similar digital currencies… that barrier is eroding fast.

Ransomware economics: the more frictionless Bitcoin becomes — the more prevalent CryptoLocker will become.

Backup your stuff.