Solved

CryptoLocker

Posted on 2013-10-24
Last Modified: 2013-10-28
How prevalent are the CryptoLocker attacks?

Will using my iPad to read my email and browse the internet prevent the attack of CryptoLocker following this procedure?

1. Open and read mail on my internet service provider's web site using my iPad.
2. Delete all unwanted mail on my Comcast email account.
3. Download remaining email to my email account on my iPad.
4. Transfer the remaining email to my iCloud email folders.
5. Open email documents using Apple apps to check for problems.
6. Following #5 open my iCloud mail on my Win 7 PC.
7. Access the email files using Win7 apps.

Thanks,
Howiie
Question by:Howie_Lynn
10 Comments
 
LVL 24

Accepted Solution

by:
aadih earned 250 total points
ID: 39597377
You could take steps on your PC to prevent the CryptoLocker virus by using the procedures mentioned in the following article, "CryptoLocker: A particularly pernicious virus":

http://windowssecrets.com/top-story/cryptolocker-a-particularly-pernicious-virus/
0
 
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 250 total points
ID: 39598344
Keeping Java, Flash and Windows up-to-date, using Chrome, not opening executables from unknown sources and using a good AV solution like ESET is a good start.
0
 
LVL 2

Author Comment

by:Howie_Lynn
ID: 39598756
Hi aadih,
Thanks for your help. The article you reference states the following:

The article is listing ways you can get infected:
1.  "Via an email attachment. For example, you receive an email from a shipping company you do business with. Attached to the email is a .zip file. Opening the attachment launches a virus that finds and encrypts all files you have access to — including those located on any attached drives or mapped network drives."

How is the Zip file attached? Is it listed as an attachment in the email header? If not, you would not know of its existence until it was too late?

Reloading a file from a backup would not eliminate the virus, would it? Would you have to reload your entire backup?

I am a paid member of Experts Exchange. Please don't quote what I have already read, if you are trying to help me. The article is very brief and incomplete. Lots of questions unanswered. One of them is written above.

How does reloading a backup eliminate the virus?

Have you read the suggestions on pcmri.com? If so, what is your opinion?

I run a large charity and receive data files by email to print vouchers for children in need of financial help. This virus could corrupt the entire charity's database, resulting in a failure to provide help to families in need.

I think I could use some help. That is why I have been a member of EE for 15 years.
0
 
LVL 2

Author Comment

by:Howie_Lynn
ID: 39598792
Hi Aleinss,
Thanks for your help.

According to the article referenced by aadih, this virus cannot be detected by current antivirus applications. Are they incorrect in their research?
0
 
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 250 total points
ID: 39598813
It's detected by ESET: fact.  However, most AVs, including ESET, take time to update, because someone needs to submit a sample and it needs to be analysed and that takes time.  Once it gets detected, the malware authors change up the code and it creates a new signature: a real cat and mouse game.  No AV solution is 100% effective against new, 0-day threats.
0

 
LVL 24

Assisted Solution

by:aadih
aadih earned 250 total points
ID: 39598990
Answers:

(1) Zip file in an email comes as an attachment (like any other attachment).

(2) Complete backup (hard disk image) is needed to go back (to pre-virus state).

(3) PCMRI and such are better avoided.
0
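How a ZIP shows up inside a message, as an added example that is not part of the original thread: it is an ordinary MIME attachment part, so a mail filter can list each attachment and look inside archives before anyone opens them. The extension list, file names and addresses are constructed assumptions, and the archive holds only placeholder bytes.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: extensions that run when double-clicked on Windows; tune locally.
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}

def is_risky(name):
    # Only the final extension counts, so "label.pdf.exe" is an .exe.
    return os.path.splitext(name)[1].lower() in RISKY_EXT

def risky_members(zip_bytes):
    """Names inside a ZIP archive whose final extension is executable."""
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
            return [n for n in zf.namelist() if is_risky(n)]
    except zipfile.BadZipFile:
        return ["<unreadable archive>"]  # treat as suspicious, not as clean

def scan_message(raw):
    """Map every attachment filename to the risky entries found in it."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "<unnamed>"
        data = part.get_payload(decode=True) or b""
        if data[:2] == b"PK":  # ZIP magic bytes: trust content, not the name
            findings[name] = risky_members(data)
        else:
            findings[name] = [name] if is_risky(name) else []
    return findings

def build_sample():
    """Constructed message: body text, one ZIP and one plain attachment."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Tracking_Label.pdf.exe", b"harmless placeholder bytes")
    msg = EmailMessage()
    msg["From"], msg["To"] = "shipping@example.com", "user@example.org"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="label.zip")
    msg.add_attachment(b"plain notes", maintype="application",
                       subtype="octet-stream", filename="notes.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```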
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39606457
0
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 39606571
As opposed to what?
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39606650
Inefficiency,
Ineffectiveness,
Sleepless nights,
False sense of security,
Always being one step behind,
Having your valuable data compromised/destroyed/held for ransom,
Having your network breached at the endpoint,
Subscribing to the unending "update, scan and pray" paradigm,
Unnecessary consumption of organizational and system resources (Everything from CPU cycles, disk I/O, bandwidth to Human Resources, etc.),
Countless hours spent unnecessarily on system recovery,
Need I go on?

What's more effective and efficient?  Automatically reverting compromised machines or applications back to a clean state, or manually diagnosing, rebuilding, re-imaging, and restoring data?

Don't get me wrong. I'm a devout defense-in-depth advocate. Data backup, disaster recovery, etc. should all be a part of the overall strategy. I merely view this suggestion as an additional, highly effective, layer of the whole.

In a world where one outdated browser plug-in can lead to compromise of your entire private network (see reverse shells, firewall extrusion, Remote Access Trojans (RAT), etc.) or where one need only recompile or encrypt a well-known malware specimen to effectively make it undetectable by any signature-based scanner, I think the solution speaks for itself... once one's technical understanding is brought up to par.

The solution is a paradigm shift, and by its very nature destined to collide with the old paradigms of the day.

Here are some other services worth looking into:
http://www.fireeye.com/
http://www.opendns.com/
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39606770
0
