3aIT Blog

Researchers have discovered an altered version of Cryptolocker - a nasty bit of ransomware (i.e. something that demands money to fix the problems it causes) that has been doing the rounds for the past year or so.

We have blogged about Cryptolocker before. For those that don't know, the quick description is that once run, Cryptolocker then searches out and encrypts any files it can (on both your personal computer, and any files you have access to on your network). These files are then unretrievable unless you pay an amount per file to unencrypt.

This particular varient is spreading through maliciously constructed online adverts rather than via email attachments (although that's not to say that an email couldn't contain a link to a web page with this attack on it). Malicious advertising uses known flaws in internet browsers to bypass your operating system's security checks and install things onto your machine without your knowledge. The best defense against this is to make sure you're always running the latest version of your browser and to make sure you're running a good virus / malware scanner. Also, if possible, make sure your operating system prompts you if anything tries to install itself without your knowledge.