November 18, 2013

OMG! Another Worst Virus Ever!

Filed under: Main — Tags: — admin @ 12:01 am

The CryptoLocker virus is in the news. You probably have heard about it, which demonstrates how the media is doing its job. Perhaps this is a replay of the Michelangelo virus from the early 1990s? Or maybe it’s just another way the anti-virus companies found to up their sales? Or could it be real?

Well, it is real. The virus exists and it does its dirty work exactly as described: The virus infects your PC via email attachment. (Macs are currently immune.) It encrypts data files. Then it displays a ransom notice. That’s all known and verified. Scary stuff.

Message from the media: Flee! Just don’t use your computer! Scream in anguish!

Yes, it’s terrifying to think that you could lose all your files to some overseas scammer. I have two questions: What’s the infection rate and when did that rate peak?

You see, the media loves to blow issues out of proportion. Despite great efforts, computers remain frightening, confusing chunks of technology. Most people don’t know how they really work. So the typical American news media target, whom I envision as an older person who completely loves Alex Trebek and Pat Sajak, is going to suffer palpitations over this kind of news.

My kids, on the other hand, greeted my explanation of the virus with, “Meh.” They then proceeded to tell me which new games are coming out this month.

Anyway, down to business.

CryptoLocker first appeared in early September this year (2013). So far, it looks like the total number of infections stands at 1,000. Most of those are in the US and a great chunk are in Europe. Now 1,000 people isn’t that great, which is good news. Yet I don’t recall the media pointing that out.

According to Symantec, only 3 percent of infected users have bothered to pay the ransom. That sounds pitiful, but for an online scam (and, yes, an abusive one) that’s actually a very good return. Most spam marketers shoot for about 1.5 percent return.

Every time a ransom domain appears, the Good Guys shut it down: They redirect requests to the domain to a DNS black hole. Effectively, anyone trying to pay the ransom is thwarted because the referenced web site can no longer be reached. That does draw into doubt the 3 percent figure.

In the end, it looks like a typical virus and I would even postulate that the infection rate is far lower than the Bad Guys intended.

As a comparison, the Michelangelo virus infected millions of computers back in 1991 and 1992. Of those infected, anywhere from 10,000 to 20,000 users reported losing data. If the information I have on CryptoLocker is accurate, it’s a threat, but not a pervasive one.

The best news, of course, is that you can easily thwart this infection. As I’ve repeated over and over in my books: Don’t open any unexpected email attachments. It’s that simple. CryptoLocker is a payload in a ZIP or PDF file. If you get one, kill it. Reply to the sender and ask them whether they intended to send you a file. If so, it’s okay; have them resend it. Do that, and CryptoLocker won’t be a threat to you.

Oh, and you could also get a Macintosh, but that’s a topic for another day.
