Cryptolocker Malware Can Hijack Your Data For Ransom!

What is your data worth? What about the data that your business relies on? How would you feel if you found out that any and all of the company data you have access to had become locked and encrypted?

Imagine an employee enters his office and begins sorting through his morning emails. He has what appears to be a legitimate message from a software company asking him to update software that he uses. This employee downloads the attachment and runs the file. Within a minute, his computer restarts, and he is greeted by a prompt on his monitor asking him to pay money to unlock his data. The employee is understandably confused by what he sees. After a call to his IT department, he learns what has happened: he has become infected with a special form of computer virus called CryptoLocker, and it has not only locked him out of the files on his computer, but has also locked any and all files he has access to – including all of the company files on the network. Now others in the office cannot access their accounts and databases on the network either, because their files have been encrypted. With the click of a button, this one employee has crippled his computer’s data and all of the data his business has on the network. How would you feel if this happened to you? What if it happened to your company?


The point of this post is to make others aware of the existence of a devious type of computer infection known as ransomware, the most prominent example of which is called “CryptoLocker”.

What is Cryptolocker?

Ransomware, as it has come to be called, is a relatively new class of viruses that goes above and beyond the level of maliciousness of more traditional malware. When activated, the malware quickly encrypts the data files stored on local drives as well as network drives and DropBox folders. The only key that can unlock the files is kept on the malware’s servers. The malware may then display a message which offers to decrypt the data if a payment is made by a certain date, and threatens to delete the access key if no payment is made before the deadline passes.

The developers of CryptoLocker malware seek to extort money from the victims in return for their data. They have also gone to great lengths to ensure that payment is the only way to resolve the issue. For example, if you try to reset the clock on your PC to add more time to the payment countdown, the malware will be aware of the change and will delete the access key – harsh punishment for trying to work around their virus. The degree of potential loss and the lengths that the developers have gone to in producing this malware are unprecedented.

How To Avoid A Cryptolocker Infection

The same practices that apply to most malware also apply to ransomware. Avoid opening emails and attachments from sources that you are not 100% confident about. Verify the URL of any website you are pointed towards to download data, and always keep your antivirus up to date. It is a good habit to check periodically with your IT department to become aware of new risks.

What If I Become Infected With Cryptolocker Malware?

Currently, the only way to remove a CryptoLocker infection and regain access to your data is to pay the fee, which is typically between $100 and $500 USD. Do not try to alter the program in any way. Do not try to run a system restore, reset the clock, or uninstall any files. Although it is possible to manually remove the infection, doing so may compromise the decryption key, and you may not be able to restore the data that has been encrypted.

The threat of ransomware means it is more imperative than ever to regularly back up your data. Our resident IT experts suggest three simple and vital practices that may help limit the extent of an infection if it were to happen to you:

– Frequent and consistent backups of your data
– Up-to-date malware protection
– Adjust permissions to restrict user access to only necessary files
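
To put a number on the third practice, the added example below (not part of the original post or any ZumaTech tooling) lists which files on a share one account could modify, and therefore which files malware running as that account could encrypt. It assumes the share lives on a server with POSIX-style permission bits, such as a Linux file server or NAS; the sample tree, the file names, and the hypothetical staff account are constructed for the demonstration.

```python
import os
import stat
import tempfile

def has_write(st, uid, gids):
    """True if the POSIX mode bits grant write to uid/gids (ACLs and root are ignored)."""
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)

def blast_radius(root, uid, gids):
    """Split regular files under root into (at_risk, safe) for one account."""
    at_risk, safe = [], []
    for dirpath, _dirs, files in os.walk(root):
        dir_writable = has_write(os.stat(dirpath), uid, gids)
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets, devices
            # A read-only file in a writable directory can still be deleted and replaced.
            if dir_writable or has_write(st, uid, gids):
                at_risk.append(path)
            else:
                safe.append(path)
    return sorted(at_risk), sorted(safe)

def build_sample_share():
    """Create a small constructed share tree and return its root path."""
    root = tempfile.mkdtemp(prefix="share_")
    files = {"sales/quotes.xlsx": 0o664, "sales/template.xlsx": 0o444,
             "sales/archive/2012.xlsx": 0o444, "finance/ledger.db": 0o640}
    for rel, mode in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("constructed sample data")
        os.chmod(path, mode)
    for rel, mode in {"sales/archive": 0o555, "sales": 0o775, "finance": 0o750}.items():
        os.chmod(os.path.join(root, *rel.split("/")), mode)
    return root

if __name__ == "__main__":
    root = build_sample_share()
    owner = os.stat(root)
    risk, safe = blast_radius(root, owner.st_uid + 1, {owner.st_gid})
    print(f"{len(risk)} of {len(risk) + len(safe)} files modifiable:", *risk, sep="\n  ")
```

In the sample tree, the read-only template is still reported as at risk because its folder is group-writable, while the archive and finance folders stay out of reach of the staff account.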

If you do not currently have a solution for backing up your data, now is the time to put one in place. It is critical that every business has a means of securely backing up its data, as it can solve a plethora of unforeseen headaches, including malware infections, data crashes, natural disasters, and more. Your IT professionals at ZumaTech can answer any questions you may have and explore options that may fit your needs.

The devious nature of this infection is unprecedented, and avoiding it should be a top priority. BleepingComputer has a guide containing a collection of information gathered on CryptoLocker and other ransomware. This is a great place to start if you would like to learn more.

We’re always here to help! Our clients know that they can contact ZumaTech anytime with questions and concerns, and you can too! Follow ZumaTech on Twitter and Facebook to engage with us and to receive updates of current news and trends!

Andrew Lopez