Cryptolocker – What is it?


As many of you have probably heard, there is a security threat out in the wild called the Cryptolocker virus or Cryptolocker infection.

What is it? It is unlike the normal viruses or malware that you may have had experience with before. The Cryptolocker virus is a piece of malware that holds your computer and its data for ransom. When Cryptolocker gets installed on your machine, the first thing it does is search your computer for user-created data files. These include all the typical files one would create with Microsoft Word, Excel, and PowerPoint, text documents, documents created with any of the open source office replacement suites, PDFs, and just about any type of picture, video, or music file. Before, viruses would simply render these files useless by corrupting or deleting them. Cryptolocker is different in this regard. It quickly and efficiently encrypts these user data files with a public/private encryption key pair.

Now, the encryption keys that Cryptolocker uses are just about unbreakable. This is because it uses a key anywhere from 2,048 bits to 4,096 bits long. A key space this large would take a supercomputer many months if not years to break by trying one guess at a time. The creators of the Cryptolocker infection therefore hold your computer files for ransom with this encryption and demand money in exchange for the decryption key and program you need to decrypt these files. This ransom fee has been anywhere from $1,000 to $3,000, depending on the current exchange rate of bitcoin to U.S. dollars and how many bitcoins they demand. Paying the ransom is not a recommended choice: it is expensive, and you don't want to be sending the creators your hard-earned money.

Cryptolocker is the original widespread infection that operates as encryption ransomware. It was only a matter of time, and Cryptolocker has now started a trend in the way viruses and infections operate. To date, an additional 10-plus similar but different encryption-based ransom infections have been found in the wild. Each has varying degrees of similarity to Cryptolocker; however, some are even more dangerous and damaging. There's even a version that has been discovered to run on Android phones, currently on Gingerbread and later versions of the OS. Unfortunately, this looks to be a trend for the future, as hackers and malware creators these days look to make the most money for the least amount of effort.

Check our next blog entry for directions on how to combat Cryptolocker.

Stay Safe