CryptoLocker Virus – Best Practices to Ensure 100% Immunity

October 25, 2013 | By Kimberly Reynolds

You may have heard of the latest virus, CryptoLocker, by now. The virus is a form of ransomware, a class of malware that, once installed on a system, restricts access to the system until the user pays a ransom. CryptoLocker (shown below) is infiltrating users’ systems via drive-by downloads and phishing email attachments. Once the user opens the malicious message, CryptoLocker installs itself on the user’s system, scans the hard drive, and encrypts the files. All files are rendered inaccessible to the user until he or she pays a ransom to receive a decryption key.

The good news is, if you currently have Comodo Internet Security (CIS) installed on your computer, you are 100% safe from this threat! Below are Comodo’s best practices that, if followed, ensure you will stay 100% immune to the CryptoLocker virus as well as all the other viruses and malware found in this crazy place we call the Internet.

Be Proactive
Once installed, CIS is able to stop 100% of threats by isolating all unknown applications (malicious or not). If the threat is known to be malicious, the Antivirus for Windows 8 (AV) will detect the signature and prevent the encryption of your files. If the threat is unknown, the HIPS will stop it from accessing protected files by automatically running it in the sandbox. Therefore, even before CryptoLocker became a known virus, CIS would automatically sandbox it to prevent encryption of your files. However, just to cover all our bases, let’s say the AV misses CryptoLocker. What happens then?

If Comodo’s AV happened to miss CryptoLocker, as long as you are practicing the EASIEST and SAFEST browsing habit, you will still be 100% safe from the virus, and all other viruses for that matter. The easiest and most secure way to practice safe browsing is to only browse the web through CIS. As shown, the Comodo Internet Security (CIS) User Interface (UI) that usually appears at the upper right-hand corner of your Desktop (depending on user preferences) includes the following browsers: Comodo Dragon, Comodo IceDragon, Internet Explorer, Chrome, and Firefox.

Simply click on the browser you prefer and it will be launched in “safe mode.” This means that no matter what website you visit or what virus may be installed while you’re browsing, it will not affect your actual computer or files. That’s because when you browse using CIS, you are browsing in the Comodo sandbox, which is essentially a virtual machine. The ONLY difference in appearance between browsing through CIS and using the regular version of any of the above browsers is the green bar around the window to indicate that you are browsing in the sandbox. Everything else – from your user preferences to the browser layout – is the same.

Browsing through CIS answers the question of how to stay protected from CryptoLocker, but what do you do if you’re already infected?

You Have CryptoLocker – Now What?
Don’t worry; there is hope for you in the form of Comodo Rescue Disk (CRD), a bootable disk image that allows users to run virus scans in a pre-boot environment.

CRD cleans your system before Windows is loaded, providing a more comprehensive and thorough scan than you would receive with regular malware cleaning applications. This scanning tool is intended for the removal of malware that embeds itself so deeply into your system that regular AV software cannot effectively remove it. In the case of CryptoLocker, CRD is ideal because it is very effective at removing infections that are preventing Windows from booting in the first place. You can find more details about using Comodo Rescue Disk on our help page at: help.comodo.com

Unfortunately, if you are not currently following best practices and have become infected with CryptoLocker, once your files are encrypted, you cannot get them back without paying the ransom (which also has no guarantee of working). That’s because CryptoLocker uses asymmetric encryption, in which you need a private key to decrypt. Currently, there is no other way around this. Still, it is imperative to remove the malware, and you can easily do this by downloading CRD, which will find CryptoLocker and kick it out.

Additional Best Practices

Virtual Kiosk
Another option for safe browsing is Comodo’s Virtual Kiosk that is similarly included with CIS. Virtual Kiosk uses the same technology utilized in browsing through CIS so your system will stay 100% protected even while visiting risky websites or performing other potentially harmful tasks. The only difference between Virtual Kiosk and browsing through CIS is the way the user interface looks.

You can see all of the spectacular uses for Virtual Kiosk described in this blog post: Google’s New Desktop Chrome Apps Experience is Following In Comodo’s Footsteps.

Back up your data

Backing up your online data can often prove to be a wise precaution because you can instantly recover your precious files after a potentially devastating loss of data. It’s an even better idea to back up your data to an encrypted location like CCloud. Used in conjunction with Comodo Backup (CB), you can ensure your files are always safe and can easily be restored when needed. CB provides access to your online files and allows you to create regular, ongoing backups of local data with your CCloud storage space as the backup destination. It’s a breeze to set up – Comodo Backup will find and categorize all of your music, videos, photos and mail so you can immediately start copying what’s important to you. There’s no need to risk having to pay the bad guys. Instead, format your drive and recover all of your files from your backup. If the bad guys have encrypted your drive, just format and restore it from the backup you so wisely created beforehand.

When browsing through CIS, you are 100% immune to attacks from the web regardless of what potentially dangerous website you’re visiting. Once you’re done browsing, simply close out the browser and reset your sandbox to “clean it out.” It’s simple, easy, convenient, and most importantly, 100% secure.

If you’re not already being proactive and practicing safe browsing habits like the tens of millions of users already protected by CIS, download today!

Free CIS Download or CIS Pro Download

    Comments

    Minomoto November 1, 2013 at 10:38 am

    Why can’t security vendors figure out how to decrypt stolen files and get them back?

    Ypi November 6, 2013 at 12:21 am

    That happens because the files are truly encrypted.
    “About the only thing it didn’t touch were system files and .exe’s, encrypting most everything else with 2048-bit RSA keys that would take like a quadrillion years to decrypt. Once the infection happens, it can even [spread] from someone on a home PC [using a VPN] to access their work network, and for me that’s the most scary part.”
    source: http://krebsonsecurity.com/2013/11/how-to-avoid-cryptolocker-ransomware/

    Alex R November 6, 2013 at 2:39 pm

    ’Cause it’s RSA 2048 key encryption. Not even the best supercomputer can decrypt the key in a timely fashion.

    soemer January 24, 2014 at 10:55 pm

    I browsed and downloaded a lot of files using ICS, and finally I discovered that I can access those files only when I open the folder while I am in ICS and see them, but I cannot copy them to another file, as if they are locked.
    Can you help? I do use the browser in ICS as user and not as admin.
    And my ICS always shows in red, at risk, but for me the most important issue is to access, in non-ICS mode, the files which I downloaded in ICS mode.

    Thanks

      Kevin Judge February 3, 2014 at 7:39 pm

      It sounds like you are using the Virtual Desktop or a sandboxed browser when doing the download.
      The files are saved under a folder that cannot be used outside the sandbox, but has the same name as the one in your file system.
