Skip Navigation LinksHome > Tools and Resources > News

Welcome to the newsroom

Malicious Software Attack "CryptoLocker"

11/1/2013 11:50 AM

Category: Alerts and Scams

The State of Idaho and the FBI have issued a high alert regarding the "CryptoLocker" software attack. There has been an alarming amount of people falling victim to this virus as it presents itself in the form of an email message that will look familiar but will carry an executable (.exe will most likely appear if your mouse hovers over the link).

CryptoLocker has been called "the nastiest malware ever" and results in a person opening a malicious email attachment, which runs a process that encrypts not only all of the files on a computer's hard drive, but also files on attached network servers.

Once files have been encrypted, a ransom (often several hundred dollars) must be paid to restore access to the encrypted files by a certain date and time. If the ransom is not paid, the encrypted data is deleted.

CryptoLocker is spread through phony emails designed to look like they're from legitimate businesses and fake FedEx and UPS tracking notifications. Once opened, CryptoLocker installs itself in the "Documents and Settings" folder, scans the hard drive and encrypts certain file types, including documents associated with Microsoft Word and Adobe Photoshop. CryptoLocker then launches a pop-up window with the 100-hour countdown and provides details on how to pay the ransom.

The email that was reported to the State of Idaho had the subject line "Voice Message from Unknown" which has a zip of message attachment with an executable inside. When the user clicks on the executable it installs malware on their computer that then encrypts ALL devices that are mapped to, and accessible by, the user.

DO NOT CLICK ON EMAIL LINKS OR ATTACHMENTS if you are not sure of whom it’s from or have verified that it is a valid attachment.

Click the link below to view the Public Service Announcement posted by the FBI.