An Irishman’s experience with Cryptolocker

scam

Would you pay 800€ to have your encrypted computer files unlocked? That’s the going rate of cybercriminals’ ransomware these days.

ESET Ireland has partners all over Ireland and one of them from Co. Wexford passed on to us the unfortunate story of a customer who got their computer infected by Cryptolocker malware, and since it was written with so much detail, I am including it in full:

“The customer had AVG free on a Win XP system. He said he really only used it for email and of course for work stuff. He said he had files going back 8 years on the machine, mostly to do with work and a hell of a lot of Autocad files which of course he did not have backed up anywhere. Anyway as annoyed as he was about it all, he didn’t want to chance paying the ransom fee, but would have chanced it though, if it had of been around €200. I actually emailed the address it gave and they came back asking for €800! I replied and played the sob story and said all my children’s pics were on it and I couldn’t afford €800. They replied saying they would do it for €700 and if I wasn’t interested in that price, tough!”

email

Our partner then added all their customer was doing the night before was checking emails and going to some regular websites, nothing “dodgy”. Our partners had to get him a new hard disk drive, since they couldn’t decrypt the old one, but are holding on to it in case they can decrypt it in the future.

Eight years of files lost in an instant. Disappointment, frustration, anger. But could it have been prevented? ESET Ireland points out three major issues sticking out from the unfortunate man’s story.

No backup.
External disks, USB sticks, DVDs, online storage like Dropbox or Google drive can all be used for quick and easy backups of all your crucial files, documents, pictures, etc. It doesn’t require a lot of effort to make regular backups, but it can surely prevent a lot of frustration in case the original files are compromised.

Windows XP
Microsoft support for Windows XP has ended as far back as April 8th, 2014. Microsoft official page explains that means “that technical assistance for Windows XP is no longer available, including automatic updates that help protect your PC. PCs running Windows XP will not be secure and will be at risk for infection.”

Free antivirus
Free antivirus software is usually not as fully functional as paid security packages, therefore they do not protect against the full range of online threats. Companies offering “free” software usually do so with hope to sell a full edition to the customers later.

Ransomware is most usually spread through infected attachments in emails. Since the unfortunate man above claimed he was only checking emails, he most likely received one of those, clicked on it and since neither his outdated Windows XP nor the free antivirus detected the threat, it infected his computer and encrypted his files.

Ireland has been hit with ransomware attacks many times in the past, and you can check ESET Ireland’s blog for a few tips on dealing with ransomware. ESET’s security software detects most versions of Cryptolocker.

by Urban Schrott, ESET Ireland


2 thoughts on “An Irishman’s experience with Cryptolocker

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s