Security Corner

Oct 26 2013   10:44PM GMT

Got CryptoLocker? Your data is probably toast

Ken Harthun

CryptoLocker is a particularly nasty piece of malware that encrypts dozens of file types, including .doc, .xls, .ppt, .pst, .dwg, .rtf, .dbf, .psd, .raw, and .pdf, then demands you pay a “ransom” to get the key to unlock your data. If you see this pop-up on your PC, you’ve been infected:


They make it sound bad, don’t they? Truth is, there is probably no way to get your data back unless you risk paying the money to the criminals. Here’s what Windows Secrets has to say about it:

There are no patches to undo CryptoLocker and, as yet, there’s no clean-up tool — the only sure way to get your files back is to restore them from a backup.

Some users have paid the ransom and, surprisingly, were given the keys to their data. (Not completely surprising; returning encrypted files to their owners might encourage others to pay the ransom.) This is, obviously, a risky option. But if it’s the only way you might get your data restored, use a prepaid debit card — not your personal credit card. You don’t want to add the insult of identity theft to the injury of data loss.

That last part is very good advice, but you still risk losing your money and not getting your data back. How can you trust a criminal to keep their promise?

Your best strategy at this time is prevention. Antivirus software won’t catch CryptoLocker, and limiting admin rights on your computer has no effect, either. To ensure that you will be able to recover your data, the most reliable method is frequent backups. Should CryptoLocker slam you, restoring your data from backup will save your bacon.
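Backups only save your bacon if they actually contain a good copy of every file CryptoLocker goes after. The script below is an added example, not part of the original post: it walks a folder, picks out the file types named above, and checks each one against its backup copy by SHA-256. It assumes the backup is a plain mirrored folder tree with the same relative paths; the function names and the sample files in demo() are constructed for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# File types the post names as CryptoLocker targets.
AT_RISK = {".doc", ".xls", ".ppt", ".pst", ".dwg", ".rtf", ".dbf", ".psd", ".raw", ".pdf"}


def sha256_of(path, chunk_size=1 << 20):
    """Hash in chunks so large .pst or .psd files are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit_backup(source_root, backup_root):
    """Sort at-risk files under source_root into ok / missing / differs lists."""
    report = {"ok": [], "missing": [], "differs": []}
    for folder, _dirs, files in os.walk(source_root):
        for name in sorted(files):
            if os.path.splitext(name)[1].lower() not in AT_RISK:
                continue
            live = os.path.join(folder, name)
            rel = os.path.relpath(live, source_root)
            copy = os.path.join(backup_root, rel)
            if not os.path.isfile(copy):
                status = "missing"
            else:  # stale backup or altered live file both show up as "differs"
                status = "ok" if sha256_of(live) == sha256_of(copy) else "differs"
            report[status].append(rel)
    return report


def demo():
    """Audit a constructed tree: one good copy, one stale copy, one with no backup."""
    sample = {"docs/budget.XLS": b"q3", "backup/budget.XLS": b"q3",
              "docs/plan.doc": b"v2", "backup/plan.doc": b"v1",
              "docs/scan.pdf": b"pdf", "docs/notes.txt": b"not an at-risk type"}
    with tempfile.TemporaryDirectory() as tmp:
        for rel, data in sample.items():
            Path(tmp, rel).parent.mkdir(exist_ok=True)
            Path(tmp, rel).write_bytes(data)
        return audit_backup(os.path.join(tmp, "docs"), os.path.join(tmp, "backup"))


if __name__ == "__main__":
    print(demo())
```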

If you are running Windows XP Professional or higher, you can set Group Policy to prevent execution of the malware. If you are technically inclined and adventurous, has a comprehensive guide of some things you can try that might work to help you recover data.

Good luck!

1 Comment on this Post

  • js8425
    I've had that pop up when using Comodo IceDragon. It was running through their secure DNS option. I just closed the browser with Task Manager and reopened it, no problem.