Decoding Cryptolocker: How it works and how to protect your files (Presentation)

Ransomware-cryptolockerBy now, many people have heard of the devious, file-encrypting ransomware known as Cryptolocker, thanks to media coverage that has sometimes hyped it as the “worst virus ever.” But if you want to understand this threat and how to stop it, we’ve got a quick presentation that takes the mystery out of Cryptolocker.

Chet Wisniewski, Senior Security Advisor at Sophos, explains how Cryptolocker works, minus the hype and a lot of unnecessary security jargon. In the presentation below, Chet explains how you can get infected by Cryptolocker, how it encrypts your files, plus how you can reduce your risk.

Cryptolocker encrypts a victim's files and demands a ransom.

Cryptolocker encrypts a victim’s files and demands a ransom.

As we’ve documented, Cryptolocker first emerged in September 2013 and has quickly evolved as the cybercriminals behind it figure out ways to make more money from their victims. We’ve also showed you how it looks when Cryptolocker takes over your PC.

In the presentation below, Chet shows you the various methods of infection: from opening a malicious spam attachment to visiting booby-trapped websites, or by silent infection from malware droppers already on your computer.

Fortunately, there are ways you can protect yourself from Cryptolocker and other types of ransomware, with the proper security settings and sensible precautions.

“Hopefully there’s a lesson to be learned here for everyone, which is back up your files,” Chet says. “Copy them to a hard drive and store it somewhere safely; use Dropbox; buy Carbonite. There’s lots of backup solutions out there.”

View the presentation below or on Brainshark.

How to stay safe from ransomware

Sophos protects our customers against Cryptolocker and other ransomware threats. You can learn more about Cryptolocker in our online Knowledgebase, and also by downloading our recent whitepaper on ransomware (registration required).

5 thoughts on “Decoding Cryptolocker: How it works and how to protect your files (Presentation)

  1. Pingback: Cryptolocker surfaces in fake UK Royal Mail emails, many victims willing to pay | Sophos Blog

  2. Pingback: How Cryptolocker encrypts your files and extracts a ransom (Video demo) | Sophos Blog

  3. Pingback: SophosLabs: Techniques from APTs showing up in money-making Zbot/Zeus malware | Sophos Blog

  4. Pingback: How malware works: Anatomy of a drive-by download web attack (Infographic) | Sophos Blog

  5. Pingback: Here’s how you can help stop Gameover/Zeus and Cryptolocker | Sophos Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s