• Status: Solved

CryptoLocker

How prevalent are the CryptoLocker attacks?

Will using my iPad to read my email and browse the internet prevent the attack of CryptoLocker following this procedure?

1. Open and read mail on my internet service provider's web site using my iPad.
2. Delete all unwanted mail on my Comcast email account.
3. Download remaining email to my email account on my iPad.
4. Transferring the remaining email to my iCloud email folders.
5. Open email documents using Apple apps to check for problems.
6. Following #5, open my iCloud mail on my Win 7 PC.
7. Access the email files using Win7 apps.

Thanks,
Howie
Asked: Howie Kay
4 Solutions
 
aadih Commented:
You could take steps on your PC to prevent crypto-locker virus by using procedures mentioned in the following article, "CryptoLocker: A particularly pernicious virus":

http://windowssecrets.com/top-story/cryptolocker-a-particularly-pernicious-virus/
 
Adam Leinss Commented:
Keeping Java, Flash and Windows up-to-date, using Chrome, not opening executables from unknown sources and using a good AV solution like ESET is a good start.
 
Howie Kay (Systems Engineer, Lockheed Martin Aerospace; Author) Commented:
Hi aadih,
Thanks for your help. The article you reference states the following:

The article is listing ways you can get infected:
1.  "Via an email attachment. For example, you receive an email from a shipping company you do business with. Attached to the email is a .zip file. Opening the attachment launches a virus that finds and encrypts all files you have access to — including those located on any attached drives or mapped network drives."

How is the Zip file attached? Is it listed as an attachment in the email header? If not you would not know of its existence until it was too late?

Reloading a file from a backup would not eliminate the virus, would it? Would you have to reload your entire backup?

I am a paid member of Experts Exchange. Please don't quote what I have already read, if you are trying to help me. The article is very brief and incomplete. Lots of questions unanswered. One of them is written above.

How does reloading a backup eliminate the virus?

Have you read the suggestions on pcmri.com? If so what is your opinion?


I run a large charity and receive data files by email to print vouchers for children in need of financial help. This virus could corrupt the entire charity's database resulting in a failure to provide help to families in need.

I think I could use some help. That is why I have been a member of EE for 15 years.
 
Howie Kay (Systems Engineer, Lockheed Martin Aerospace; Author) Commented:
Hi Aleinss,
Thanks for your help.

According to the article referenced by aadih, this virus cannot be detected by current anti virus applications. Are they incorrect in their research?
 
Adam Leinss Commented:
It's detected by ESET: fact.  However, most AVs, including ESET, take time to update, because someone needs to submit a sample and it needs to be analysed and that takes time.  Once it gets detected, the malware authors change up the code and it creates a new signature: a real cat and mouse game.  No AV solution is 100% effective against new, 0-day threats.
 
aadih Commented:
Answers:

(1) Zip file in an email comes as an attachment (like any other attachment).

(2) Complete backup (hard disk image) is needed to go back (to pre-virus state).

(3) PCMRI and such are better avoided.
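
The attachment question answered above, as an added example that is not part of any poster's reply: a Python script that lists a message's attachments from its MIME structure and reads the file names inside zip archives without extracting anything. The extension watch list, the function names and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows runs on double-click (assumed watch list, not exhaustive).
RISKY = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}

def risky_name(name):
    """True if the name ends in an executable extension (catches 'invoice.pdf.exe')."""
    return any(name.lower().endswith(ext) for ext in RISKY)

def audit_attachments(raw_message):
    """Return (attachment, zip member or None, verdict) rows for a raw RFC 5322 message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    rows = []
    for part in msg.iter_attachments():
        fname = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        if risky_name(fname):
            rows.append((fname, None, "executable attachment"))
        elif zipfile.is_zipfile(io.BytesIO(data)):
            # Only the archive's directory is read; nothing is extracted or run.
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for member in zf.namelist():
                    verdict = "executable inside zip" if risky_name(member) else "ok"
                    rows.append((fname, member, verdict))
        else:
            rows.append((fname, None, "ok"))
    return rows

def build_sample():
    """Constructed sample: a fake shipping notice whose zip holds a double-extension file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("tracking_label.pdf.exe", b"placeholder bytes, not a real program")
        zf.writestr("readme.txt", b"constructed test data")
    msg = EmailMessage()
    msg["From"] = "shipping@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Your shipment"
    msg.set_content("See attached label.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="label.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for row in audit_attachments(build_sample()):
        print(row)
```
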
 
Giovanni Heward Commented:
 
Adam Leinss Commented:
As opposed to what?
 
Giovanni Heward Commented:
Inefficiency,
Ineffectiveness,
Sleepless nights,
False sense of security,
Always being one step behind,
Having your valuable data compromised/destroyed/held for ransom,
Having your network breached at the endpoint,
Subscribing to the unending "update, scan and pray" paradigm,
Unnecessary consumption of organizational and system resources (Everything from CPU cycles, disk I/O, bandwidth to Human Resources, etc.),
Countless hours spent unnecessarily on system recovery,
Need I go on?

What's more effective and efficient?  Automatically reverting compromised machines or applications back to a clean state, or manually diagnosing, rebuilding, re-imaging, and restoring data?

Don't get me wrong. I'm a devout defense-in-depth advocate. Data backup, disaster recovery, etc. should all be a part of the overall strategy. I merely view this suggestion as an additional, highly effective, layer of the whole.

In a world where one outdated browser plug-in can lead to compromise of your entire private network (see reverse shells, firewall extrusion, Remote Access Trojans (RAT), etc.) or where one need only recompile or encrypt a well known malware specimen to effectively make it undetectable by any signature based scanner, I think the solution speaks for itself... once one's technical understanding is brought up to par.

The solution is a paradigm shift, and by its very nature destined to collide with the old paradigms of the day.

Here are some other services worth looking into:
http://www.fireeye.com/
http://www.opendns.com/
 
Giovanni Heward Commented: