If you don't have backups, what are you waiting for?
Disk encrypting Cryptolocker malware demands $300 to decrypt your files
Earlier this year, a nasty new type of ransomware burst onto the scene. Unlike others, however, this new one's bite was every bit as bad as its bark. The Cryptolocker hijacker sniffs out your personal files and wraps them in strong encryption before it demands money.
You may remember reading about it here on Geek.com back in January. Eight months on, it looks as though Cryptolocker isn't showing any signs of letting up. In fact, there's even a new variant making the rounds.
The original demanded payments of $100 to decrypt files. The new and improved version? $300. Clearly those in control of Cryptolocker realized that they weren't taking full advantage of its criminal potential.
As IT administrators and repair pros struggle to undo the damage, some are finding that giving in to Cryptolocker is the only way out. Amazingly, paying the Cryptolocker ransom does actually initiate the decryption process.
So while it's generally not considered a good idea to give in to the bad guys (how can you fully trust someone who thinks it's OK to hold your files hostage?), those who have been infected and lack a good set of backups don't have any other options yet.
At least the crooks behind Cryptolocker have some scruples. Often when payments are demanded, the only thing that changes is the balance of the two bank accounts involved. There's always the potential for reinfection, though, so even if you do get your files back after paying up it's best to reformat and start from scratch.
Researchers from a number of antivirus vendors are working on a way to undo the damage, but it's not going to be easy. Decrypting Cryptolocker files requires access to both the public and private keys used to encrypt them. Until authorities get their hands on that second key, the NSA may be the only folks around that can reverse the process.