On September 10th, 2013, a new piece of ransomware known as Trojan:Win32/Crilock.A began attacking computers all over the Internet, locking users out of their PCs and putting companies’ sensitive data at risk. If your computer gets infected, it could mean real problems for you and your company’s computer users. Here are the details on what this virus does and what you can do to avoid becoming a victim.

How Does Your PC Get Infected?


Trojan:Win32/Crilock.A is malware that is downloaded by other malware. This means you don’t have to download it directly from the source; therefore, careful internet usage might not be enough to protect you from this specific threat. This malware is still new enough that the source has yet to be identified by industry security experts, but because we know it’s malware, we know that it will find its way onto your PC through unsafe web browsing practices like visiting disreputable URLs and opening spam, along with any other action a user can take to override their company’s internet security policies.

There’s a chance that the malware responsible for downloading this virus has already infected your computer and is now just waiting to receive its command to download Trojan:Win32/Crilock.A from the source. One preventive action you can take is to make sure your antivirus software is up to date and you have downloaded the latest virus definitions, which should include updates for the new Trojan:Win32/Crilock.A. It is very important that you run a virus scan so that your antivirus software can identify and remove all instances of malware on your PC, including the one responsible for downloading Trojan:Win32/Crilock.A.

How Bad is It?

Once your PC is infected, Trojan:Win32/Crilock.A makes changes to your Windows registry to ensure that the virus will run every time you start your PC. This plays right into a user’s instinctive reaction to restart their computer as soon as they notice things starting to get buggy. In this virus scenario, a restart will not help in any way because Trojan:Win32/Crilock.A will make changes to your registry with every restart.
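As an added illustration (not part of the original article and not taken from the malware), this Python script lists programs registered to start with Windows and flags the ones that launch from a user-writable folder. The article does not name the registry keys involved; the standard Windows Run and RunOnce keys, the folder heuristic and the sample entries are assumptions made for this example.

```python
import re

# Standard Windows autostart ("Run") keys; the article does not name the keys it means.
RUN_KEYS = [("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
            ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
            ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
            ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\RunOnce")]

# Assumption: a startup program living in a user-writable folder deserves a manual look.
USER_WRITABLE = re.compile(r"[\\%](appdata|localappdata|temp|programdata)[\\%]", re.I)
PROGRAM = re.compile(r"(.+?\.(?:exe|com|scr|bat|cmd|vbs|js|dll))(?:[\s,]|$)", re.I)

def executable_path(command):
    """Return the program path from a Run value, quoted or unquoted."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    match = PROGRAM.match(command)
    return match.group(1) if match else command.split(" ", 1)[0]

def flag_autoruns(entries):
    """Keep (hive, key, name, command) entries whose program is in a user-writable folder."""
    return [e for e in entries if USER_WRITABLE.search(executable_path(e[3]))]

def read_run_keys():
    """Read the live autostart values (Windows only; winreg is in the standard library)."""
    import winreg
    hives = {"HKCU": winreg.HKEY_CURRENT_USER, "HKLM": winreg.HKEY_LOCAL_MACHINE}
    found = []
    for hive, path in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive], path) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):  # [1] = number of values
                    name, value, _kind = winreg.EnumValue(key, i)
                    found.append((hive, path, name, str(value)))
        except OSError:
            continue  # key missing or not readable by this user
    return found

# Constructed sample entries for offline use (not from a real infection).
SAMPLE = [
    ("HKLM", RUN_KEYS[2][1], "SecurityHealth", r"%windir%\system32\SecurityHealthSystray.exe"),
    ("HKCU", RUN_KEYS[0][1], "Updater", r'"C:\Users\alice\AppData\Roaming\Xyzzy Tools\upd.exe" /s'),
    ("HKCU", RUN_KEYS[1][1], "Job", r"C:\Users\alice\AppData\Local\Temp\job.exe"),
]

if __name__ == "__main__":
    import sys
    entries = read_run_keys() if sys.platform == "win32" else SAMPLE
    for hive, path, name, cmd in flag_autoruns(entries):
        print(f"REVIEW {hive}\\{path} [{name}] -> {cmd}")
```

A flagged entry is a prompt for review, not proof of infection, since legitimate software also starts from these folders. The Run keys are also not the only way a program can start with Windows.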

When the virus has fully penetrated your system, it will then lock you out of your desktop with a browser window taking up the full screen. After the virus has successfully locked you out, the virus will then encrypt the files on your PC in order to prevent you from accessing them. This is what’s known as “ransomware”, because the virus will literally hold your PC ransom.

Hackers Want Your Money

Like any ransom scenario, the Trojan:Win32/Crilock.A programmer wants money. The ransomware even walks you through easy-to-follow menus so you can make a payment to the evildoer. Additionally, while you are locked out of your PC, your sensitive information is being accessed and potentially copied.

The virus notifies you that the only way to gain access to your PC and “get rid of” this ransomware is to pay the hackers whatever price they are requesting. Once you make a payment, you will be provided with a software key that’s unique to your computer and that will “unlock it.” To make sure you don’t have time to remove the virus, the ransomware gives you 72 hours to meet its demands. Otherwise, it will erase the key, leaving you with a computer full of encrypted files that you won’t be able to access. If you try to tamper with or remove the ransomware software, the key will be destroyed, rendering your PC worthless.

How Can You Stop It?

Trojan:Win32/Crilock.A is a nasty virus. If your computer is infected, then the best course of action is to wipe your drive and reload your uninfected data (from your backup) onto your PC. You will also want to scan your backed-up data to make sure it’s clean before reinstalling. Paying the ransom will let you access your computer, but it will not get rid of the virus or prevent the hacker from asking for more money in the future. Even after you pay the money, the virus will still be installed on your machine, waiting for the opportune time to strike again. The short story here is don’t ever pay a hacker.

Nasty ransomware like this will require professional intervention. Call us at (973) 882-4644 to have our team of IT Security Experts fix this or any other virus infecting your systems. The severity of the Trojan:Win32/Crilock.A virus highlights the importance of having strong network security protocols in place, along with a dependable data backup and data recovery solution. Quikteks can set up your system with a strong hardware firewall to prevent nasty viruses like malware, ransomware, and all the other viruses that prevent your business from being productive. To be sure you are properly protected from threats like this, call us today for a free network security audit.