The UK National Crime Agency’s National Cyber Crime Unit (NCCU) is warning of a mass email-borne malware campaign...
aimed at small and medium enterprises (SMEs) and consumers.
The NCA warning comes a week after the US computer emergency response team (US-Cert) issued a similar warning to US computer users.
Security firm BitDefender found that in the week starting 27 October 2013, more than 12,000 computers in the US were infected with the Cryptolocker malware, reports the International Business Times.
The malware is designed to encrypt files on the infected computer and any network it is attached to and then demand the payment of a ransom of around £500 in Bitcoins to unlock the files.
Cryptolocker will encrypt files not just on the hard disk, but also any connected drives, including mapped network shares, and even folders that might sync up with the Cloud such as DropBox, said independent security advisor Graham Cluley.
More on ransomware
- How to protect data from ransomware malware
- Spanish police arrest ransomware cyber gang
- PCeU arrests three suspected ransomware blackmailers
- Polymorphic ransomware tops malware charts
- FortiGuard Labs sees fast rise of mobile malware in 2013
- Panda spots new ransomware
- Ransomware and computer blackmail viruses: a history
- Has ransomware made a comeback?
- New ‘ransomware’ virus at large
- Ransomware: How to deal with advanced encryption algorithms
CryptoLocker is a Trojan that is typically distributed by mass email messages with attachments that install the malware and targets computers running versions of Microsoft’s Windows operating system, but does not affect computers running Apple's Mac OS, he wrote in a blog post.
The NCA said it would never endorse the payment of a ransom to criminals and warned that there is no guarantee the files will be unlocked.
"The NCA is actively pursuing organised crime groups committing this type of crime,” said Lee Miles, deputy head of the NCCU.
“We are working in co-operation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public," he said.
Miles said anyone who is infected with this malware should report it through ActionFraud, the UK’s national fraud and internet crime reporting centre.
The NCCU said prevention is better than cure and that UK SMEs and consumers should:
- Not click on any such attachment.
- Update antivirus software and operating systems.
- Backup files routinely to a location off the network.
- Disconnect any infected computers from the network.
- Seek professional help to clean infected computers.