Cryptolocker has been one of the greatest fears among the business community due to its ability to encrypt important files making them unusable unless a ransom is paid.
According to bleepingcomputer.com:
“CryptoLocker is a ransomware program that was released around the beginning of September 2013 that targets all versions of Windows including Windows XP, Windows Vista, Windows 7, and Windows 8. This ransomware will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 72 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted.” (source)
As you can gather, Cryptolocker is a very serious piece of ransomware. Whilst Cryptolocker assures that it will decrypt your files upon payment. ultimately we are dealing with criminals, and there is no guarantee.
Previously the main recovery option was using a backup that was unaffected by the ransomware. However new developments have recently surfaced which may assist you in recovering your files. A new portal has been created by Fox-IT and FireEye which may be used to decrypt the files Cryptolocker has encrypted. The portal can be found here.
Should you have any further questions in regards to Cryptolocker and wish to have your computer scanned for malware, ransomware or spyware please do not hesitate to lodge a ticket with us.
