According to recent reports, a piece of software known as CryptoLocker is believed to have infected thousands of computers in a bid to make money by blackmailing computer users and holding their personal files for ransom.
The malware, also categorized as ransomware, spreads from computer to computer through e-mails with attachments and file downloads with double extensions.
While users might be downloading songs or images, they could get a hidden executable for the malware, which infects the computer as soon as it is run.
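As an added illustration (not part of the original report), the following Python sketch shows how a mail or download filter could flag the double-extension names described above. The decoy list is a subset of the file types named on this page plus `mp3`, and the executable-extension list, function names and sample file names are assumptions constructed for the example.

```python
from pathlib import PureWindowsPath

# Decoy extensions: a subset of the document/image types listed on this page,
# plus "mp3" (assumption) because the report mentions song downloads.
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "ppt", "pptx",
              "rtf", "odt", "jpg", "jpe", "psd", "mp3"}
# Assumption: a common set of extensions that Windows will execute.
EXEC_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}


def classify(filename):
    """Return 'double-extension', 'executable' or 'ok' for a file name."""
    # Keep only the final path component; Windows ignores trailing dots
    # and spaces, so strip them before looking at the extension.
    name = PureWindowsPath(filename).name.rstrip(". ").lower()
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 2 or parts[-1] not in EXEC_EXTS:
        return "ok"
    # An executable whose previous "extension" looks like a document or
    # media type is posing as that type.
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "double-extension"
    return "executable"


def flag_attachments(names):
    """Return (name, verdict) pairs for every name that is not 'ok'."""
    results = ((n, classify(n)) for n in names)
    return [(n, verdict) for n, verdict in results if verdict != "ok"]


# Constructed sample names, not taken from any real campaign.
SAMPLE_NAMES = [
    "Invoice_2013.PDF.exe",
    "holiday.jpg",
    "C:\\Temp\\song.mp3.scr",
    "report.docx .scr. ",
    "setup.exe",
    "backup.tar.gz",
]

if __name__ == "__main__":
    for name, verdict in flag_attachments(SAMPLE_NAMES):
        print(f"{verdict:17} {name!r}")
```

A filter like this would typically quarantine the `double-extension` hits outright and treat plain `executable` attachments according to local policy.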
Once infected, the computer is connected to an external server on the internet and a private key is generated to encrypt the user’s personal files.
The virus encrypts several different file formats, including:
*.wb2, *.mdf, *.dbf, *.psd, *.pdd, *.pdf, *.eps, *.ai, *.indd, *.cdr, *.jpg, *.jpe, *.dng, *.3fr, *.odt, *.ods, *.odp, *.odm, *.odc, *.odb, *.doc, *.docx, *.docm, *.wps, *.xls, *.xlsx, *.xlsm, *.rwl, *.rw2, *.r3d, *.ptx, *.pef, *.srw, *.x3f, *.der, *.cer, *.crt, *.pem, *.pfx, *.p12, *.p7b, *.p7c, *.xlsb, *.xlk, *.ppt, *.pptx, *.pptm, *.mdb, *.accdb, *.pst, *.dwg, *.dxf, *.dxg, *.wpd, *.rtf, *.arw, *.srf, *.sr2, *.bay, *.crw, *.cr2, *.dcr, *.kdc, *.erf, *.mef, *.mrw, *.nef, *.nrw, *.orf, *.raf, *.raw
After the files are encrypted, users are shown a pop-up message which explains what has happened and lays out the terms of the ransom. Typically users are given a couple of days to pay a specific amount of money in order to get the decryption key for their files.
The malware also warns that any attempt to modify the software or delete it will result in deletion of the decryption key from the server, which means no one will ever be able to decrypt those files.
The encryption technology used by the software is believed to be similar to commercial solutions, which means it would take years to try and decrypt the files without a key.
Computer and internet users are advised to update their antivirus programs and perform full system scans to remove any instances of malware. They are also advised not to open, download or install untrusted attachments or software on their computers.