CryptoLocker is a form of ransomware that targets
computers by
disguising itself as a legitimate attachment that, when opened, locks up all
the files of an infected computer, including backup files. Only the hackers
have the decryption key, demanding $300, or two Bitcoins, to release it.
Now, to add insult to injury, the gang behind the
malware has created a customer service site for victims who need help in making
the payment, according to a report from The Today Show.
People can use CryptoLocker Decryption Service to check the status of their
payment and complete the transaction, at an additional cost.
“They were leaving money on the table,” said Lawrence
Abrams, who has tracked the spread of this malware on BleepingComputer.com. “They
created this site to capture all of the money they were losing because people
couldn’t figure out how to make the ransom payment or missed the deadline.”
There is a 72-hour deadline to pay for the decryption
key, which jumps from two Bitcoins to 10, or nearly $4,000 on today’s market,
if missed. A Bitcoin is a peer-to-peer digital currency which the U.S
Department of Justice and the Securities and Exchange Commission consider a
legitimate financial instrument.
According to Abrams, CryptoLocker uses Zip files to
worm its way into computers and is password protected, which allows it to get
past security software. He added that the password has been “PaSdlaoQ” for
everyone so far.
The advice to protect users from the malware is not
new: Don’t open attachments from unknown senders, have up-to-date security
software, and back up files often.
“This is scary stuff,” said Brian Krebs on the
KrebsOnSecurity blog. “People need to rethink how they
protect their important files.”
