The I.Q.D. Team Connection
  • Welcome
  • Iraq News Current
  • PRE & POST RV Information
  • Market Place
  • Twitter Feed
  • Join Our Mailing List
  • Future Of Iraq Project & Other Links
  • The IQD Team Connection Blog & Announcements
  • Quick Links
  • Conf Calls: Recordings
  • Contact Us
  • Financial Planning
  • How to Choose A Financial Advisor
  • Private Bankers: Contacts & Websites
    • Private Bankers - Articles of Interest
  • Computer Security
  • Dinar Dealer & Exchange Info
  • Public Record Sites - Background Checks FREE
  • Real Estate
    • Landlord Tenant Laws & Information
  • Documents: Gifting
  • In Loving Memory of Tim
  • Health & Wellness Blog
  • Health Wellness Products
  • In Loving Memory of Linda

CryptoLocker crooks launch new 'customer service' website for victims

11/16/2013

0 Comments

 
Herb Weisbaum NBC News contributor
Now here’s a first — crooks who realize the importance of customer service.


It’s the latest twist in the global CryptoLocker ransomware attack. This diabolically nasty malware locks up all of the victim’s personal files — and in some cases, backup files, too — with state-of-the-art encryption. The bad guys have the only decryption key and they demand $300 or two Bitcoins to get it.


“It’s been a disaster for many of the people hit with it,” said Lawrence Abrams who has been tracking the spread of this infection on BleepingComputer.com

Within the past few days, the criminal gang behind CryptoLocker created a site for victims who need help making their required extortion payments.

“These guys have some big cojones,” said security expert Brian Krebs, who writes the blog KrebsOnSecurity.

The CryptoLocker Decryption Service allows victims to check the status of their “order” (the ransom payment) and complete the transaction. I am not making this up!

Those who paid the ransom (with either Green Dot cards or Bitcoins), but did not get the decryption key — or got one that didn’t work — can download it again.

Those who missed the 72-hour deadline can also get their key, but the price jumps from two Bitcoins to 10. At today’s market value, that’s nearly $4,000. And Green Dot is not accepted with this extended-deadline service.
Why are the CryptoLocker crooks doing this?

“They were leaving money on the table,” Abrams told me. “They created this site to capture all of the money they were losing because people couldn’t figure out how to make the ransom payment or missed the deadline.”
The bad guys also ran into some technical problems after they launched their attack. It turns out that when antivirus software removes CryptoLocker from an infected computer, the victim can no longer pay the ransom and decrypt their files. To do that, they had to re-install the CryptoLocker malware, something that was not only weird, but cumbersome.

By using the customer service site, victims can get a key that will unscramble their files without the need to re-infect their computers.

Is this the new reality?
 
Sophos
The criminal gang behind the nasty CryptoLocker ransomware attack realized they were leaving money on the table from people who got this extortion notice, but could not quite figure out how to pay for the decryption key. A new "customer service" website will to help these victims and even offer an extended-payment deadline for a much higher price.

Law enforcement and cyber security experts always advise victims of ransomware attacks not to pay the ransom. After all, that extortion money goes to fund a criminal operation, and there’s no guarantee the files will be released.

But when you’re the victim, when all of your data has been encrypted and you don’t have a suitable backup, you’re faced with two choices: pay up or have those files frozen forever. That’s why so many people are paying and why security experts fear more of this nasty malware is on the way.

“Anytime you see an underground business that is doing well, you will always see more people copying it,” said Krebs. “Unfortunately, I think these destructive attacks are here to stay and they’re only going to get worse and more intense.”

Sean Sullivan, security advisor at F-Secure, agrees.
Until now, ransomware attacks have been limited by the lack of a global payment method. It took a lot of work to get paid in different parts of the world. Bitcoin, the new digital currency, solves that problem.

“CryptoLocker, using Bitcoin, might finally have reduced the overhead of not having a global form of payment,” Sullivan said. “We’re getting to the tipping point where ransomware will become epidemic because it’s not that hard to get paid anymore.”

CryptoLocker: A new method of attack
There are various ways for malware to infect your computer. Security experts tell me CryptoLocker is delivered in a Zip file attachment. Open that attachment and the malware is loaded onto your machine.
Some antivirus software can now detect CryptoLocker hidden in a Zip file and prevent the infection. So, a couple of days ago, the bad guys modified their attack.
 
BleepingComputer.com
The new CryptoBlocker delivery vehicle is a Zip file that requires a password to open. This is designed to fool antivirus software that can now detect the malware hidden in a regular zip file. Open that file and your files are toast.

According to Lawrence Abrams at Bleeping Computer, the Zip files containing CryptoLocker are now password protected. That little trick gets them past the security software.
Abrams said it appears the password “PaSdIaoQ” is the same for everyone. Open that attachment and your files are toast.

How do you protect yourself?
It’s the same advice you’re heard before: Don’t open attachments from an unknown sender, have up-to-date security software and back-up your files religiously. And because CryptoLocker can compromise files already backed-up, you need to reassess how you do your backups.

Network drives (whether physical or in the cloud) that are always connected to your computer are often vulnerable. Krebs suggests doing a manual backup and then disconnecting the drive when you’re done. It’s a lot more work, but much safer.

Krebs warns that we are now dealing with a new generation of malware. Once it’s done its damage, you cannot undo it yourself.

“This is scary stuff,” he said. “People need to rethink how they protect their important files.”
In a new article on his blog, Krebs recommends two tools that can block CryptoLocker infections: CryptoPrevent from Foolish IT for individual windows users and the CryptoLocker Prevention Kit from Third Tier for small business administrators.

More Info:
•    CryptoLocker Ransomware Information Guide and FAQ

•    126 Page CryptoLocker Support Topic
•    Tools for a Safe PC

Herb Weisbaum is The ConsumerMan. Follow him on Facebook and Twitter or visit The ConsumerMan website.

http://www.today.com/money/cryptolocker-crooks-launch-new-customer-service-website-victims-2D11586019
0 Comments



Leave a Reply.

    Health Products Favs
    Health Books
    Picture
    filterfluoride
    IGNITEChewable Energy
    Get younger skin the natural way with Chews-4-Health™
    Picture
    Picture
    Liquid Zeolite
    Health Books
    Health Products FAV
    Picture
    Get 50% off Vetisse Jimin Ointment

    Categories

    All
    Articles Of Interest
    Automobile
    Banking
    Banking Laws
    Banking Tools
    Books
    Budget Tips
    Business Start Up
    Calculators
    Calling Help Google
    Cashing In
    Cashing In Info
    Cdars
    Changing State Residency
    Charities
    Check Authenticity Of Dinars
    Computer Security
    Con Men
    Credit
    Credit Cards
    Currency Classifications
    Currency Exchange
    Currency Trading Forex
    Debt
    Delarue
    Dinar Dealers - Check Out License
    Dinar Information
    Email Accounts Set Up
    Entities
    Entities Help
    Fair Debt Collection Practices Act
    Financial Planning
    Financing
    Fincen
    Forex & Currency Converters
    Fractional Banking
    Free
    Free Calling
    Fun
    Gifting
    Health & Wellness
    Home Ownership Help
    Home Safety
    Identity Protection
    Insurance
    Internet Crime Center
    Investing
    Iraq Investing
    Iraq News
    Iraq Stock Exchange Isx
    Lop
    Misc
    Modern Money Mechanics
    Money
    Money Financial Planning
    Money. Financial Planning
    Mortgage Scams
    Mr Anonymous
    Music & Inspiration
    News Sources
    Phone Security
    Post Rv Checklists
    Preparedness
    Pre & Post RV Daily Postings
    Privacy
    Private Banking
    Questions To Ask Professionals
    Real Estate
    Retirement
    Rfid Be Aware
    Safes
    Scam & Fraud
    Scam & Fraud
    Security
    Self Help
    Sent In By Our Listeners
    Shopping
    Straight Talkin Mike
    Sudden Wealth
    Tag Account
    Taxes
    Telephone
    Travel
    Twitter
    Veterans Assistance
    Words Of Wisdom

    Garden of Life