Solved

CryptoLocker

Posted on 2013-10-24
Last Modified: 2013-10-28
How prevalent are the CryptoLocker attacks?

Will using my iPad to read my email and browse the internet prevent the attack of CryptoLocker following this procedure?

1. Open and read mail on my internet service provider's web site using my iPad.
2. Delete all unwanted mail on my Comcast email account.
3. Download remaining email to my email account on my iPad.
4. Transfer the remaining email to my iCloud email folders.
5. Open email documents using Apple apps to check for problems.
6. Following #5, open my iCloud mail on my Win 7 PC.
7. Access the email files using Win7 apps.

Thanks,
Howiie
0
Question by:Howie Kay
10 Comments
 
LVL 24

Accepted Solution

by:
aadih earned 250 total points
ID: 39597377
You could take steps on your PC to prevent the CryptoLocker virus by using the procedures mentioned in the following article, "CryptoLocker: A particularly pernicious virus":

http://windowssecrets.com/top-story/cryptolocker-a-particularly-pernicious-virus/
0
 
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 250 total points
ID: 39598344
Keeping Java, Flash and Windows up-to-date, using Chrome, not opening executables from unknown sources and using a good AV solution like ESET is a good start.
0
 
LVL 2

Author Comment

by:Howie Kay
ID: 39598756
Hi aadih,
Thanks for your help. The article you reference states the following:

The article is listing ways you can get infected:
1.  "Via an email attachment. For example, you receive an email from a shipping company you do business with. Attached to the email is a .zip file. Opening the attachment launches a virus that finds and encrypts all files you have access to — including those located on any attached drives or mapped network drives."

How is the Zip file attached? Is it listed as an attachment in the email header? If not, you would not know of its existence until it was too late?

Reloading a file from a backup would not eliminate the virus, would it? Would you have to reload your entire backup?

I am a paid member of Experts Exchange. Please don't quote what I have already read, if you are trying to help me. The article is very brief and incomplete. Lots of questions unanswered. One of them is written above.

How does reloading a backup eliminate the virus?

Have you read the suggestions on pcmri.com? If so, what is your opinion?


I run a large charity and receive data files by email to print vouchers for children in need of financial help. This virus could corrupt the entire charity's database, resulting in a failure to provide help to families in need.

I think I could use some help. That is why I have been a member of EE for 15 years.
0
 
LVL 2

Author Comment

by:Howie Kay
ID: 39598792
Hi Aleinss,
Thanks for your help.

According to the article referenced by aadih, this virus cannot be detected by current anti-virus applications. Are they incorrect in their research?
0
 
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 250 total points
ID: 39598813
It's detected by ESET: fact.  However, most AVs, including ESET, take time to update, because someone needs to submit a sample and it needs to be analysed and that takes time.  Once it gets detected, the malware authors change up the code and it creates a new signature: a real cat and mouse game.  No AV solution is 100% effective against new, 0-day threats.
0
 
LVL 24

Assisted Solution

by:aadih
aadih earned 250 total points
ID: 39598990
Answers:

(1) A Zip file in an email comes as an attachment (like any other attachment).

(2) A complete backup (hard disk image) is needed to go back (to the pre-virus state).

(3) PCMRI and such are better avoided.
0
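The attachment question discussed above can be checked mechanically. The following is an added example, not part of the original thread: it builds a constructed sample message with a zip attachment, then lists every attachment and the names inside the zip without extracting or opening anything. The function names, addresses and the extension list are assumptions made for illustration.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed list (not from the thread): extensions Windows runs on double-click.
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}


def build_sample_message() -> bytes:
    """Constructed sample: a 'shipping notice' carrying a zip attachment."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        # Harmless placeholder bytes stored under a double-extension name.
        zf.writestr("Invoice_2013.pdf.exe", b"placeholder, not a program")
        zf.writestr("readme.txt", b"constructed sample")
    msg = EmailMessage()
    msg["From"] = "shipping@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Your shipment"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")
    return msg.as_bytes()


def audit_attachments(raw: bytes) -> list:
    """List each attachment; for zips, read member names only (no extraction)."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        entry = {"filename": name, "type": part.get_content_type(),
                 "risky_members": []}
        payload = part.get_payload(decode=True) or b""
        if zipfile.is_zipfile(io.BytesIO(payload)):
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                for member in zf.namelist():
                    if os.path.splitext(member)[1].lower() in RISKY_EXT:
                        entry["risky_members"].append(member)
        elif os.path.splitext(name)[1].lower() in RISKY_EXT:
            entry["risky_members"].append(name)
        report.append(entry)
    return report


if __name__ == "__main__":
    for item in audit_attachments(build_sample_message()):
        print(item)
```

The zip shows up as an ordinary MIME part with its own filename and content type, so a mail client or gateway can see it, and the names inside it, before anyone opens the file.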
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39606457
0
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 39606571
As opposed to what?
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39606650
Inefficiency,
Ineffectiveness,
Sleepless nights,
False sense of security,
Always being one step behind,
Having your valuable data compromised/destroyed/held for ransom,
Having your network breached at the endpoint,
Subscribing to the unending "update, scan and pray" paradigm,
Unnecessary consumption of organizational and system resources (Everything from CPU cycles, disk I/O, bandwidth to Human Resources, etc.),
Countless hours spent unnecessarily on system recovery,
Need I go on?

What's more effective and efficient?  Automatically reverting compromised machines or applications back to a clean state, or manually diagnosing, rebuilding, re-imaging, and restoring data?

Don't get me wrong.  I'm a devout defense-in-depth advocate.  Data backup, disaster recovery, etc. should all be a part of the overall strategy.  I merely view this suggestion as an additional, highly effective, layer of the whole.

In a world where one outdated browser plug-in can lead to compromise of your entire private network (see reverse shells, firewall extrusion, Remote Access Trojans (RAT), etc.) or where one need only recompile or encrypt a well known malware specimen to effectively make it undetectable by any signature based scanner, I think the solution speaks for itself...  once one's technical understanding is brought up to par.

The solution is a paradigm shift, and by its very nature destined to collide with the old paradigms of the day.

Here are some other services worth looking into:
http://www.fireeye.com/
http://www.opendns.com/
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39606770
0
