If you are reading this blog, chances are that you have been bombarded with news and information about the infamous, Cryptolocker for months now. However, for a threat THIS dangerous, it’s important to get the word out as much as possible and in as many ways as possible.
A blog post written today on the Technet Blog site by Marianne Mallen and Karthik Selvaraj provides some very interesting statistical data about the Cryptolocker infection over the last few months. In it, they say that 34,000 systems have been infected between this September and early November.
However, that number might become much larger with the announcement from the U.K.’s National Crime Agency, warning of a massive spammed e-mail attack containing Cryptolocker variants against U.K. residents, potentially millions of users could fall victim.
They also mention that Cryptolocker affects mostly English speaking countries, with all of the currently seen distribution e-mails (with Cryptolocker attached) are written in English. In addition, 79% of the infections have been located in the U.S. alone. Again, the latest news from the U.K. might change that number but it does support the English speaking targets statistic.
Finally, they make note that Cryptolocker is being distributed by other malware as well, such as ZBot, a widely used and spammed banker trojan. Their data is very interesting and well worth the read.
As a countermeasure, they of course reference backups but also recommend using Windows System Restore and even Skydrive for Windows 8.1.
So if you are wondering when you are going to STOP hearing about Cryptolocker, the answer is probably not for a very long time. As I mention in the soon to be published Malwarebytes 2013 Threat Report, Cryptolocker is only the beginning of this style of Ransomware.
As we have seen a great reduction in the “FBI” style Ransomware, this new method, which made a huge blow to the security community, will most likely become the new standard for 2014. So while you might not be hearing about new Cryptolocker infections 6 months from now, you will most certainly be hearing about malware that was developed with Cryptolocker in mind.
At the end of the day, users are going to have to be more proactive and take the security of their own documents and images much more seriously. Backups, updates and protection for your operating system is a requirement and will continue to be so as we move into the next year.
Thanks for reading, safe surfing and DFTBA!