CryptoLocker - nasty malware, and things to do about it.

[Fairportfan]

The CryptoLocker malware is nasty stuff.

Here's a post from Gizmo's Freeware talking about it, and linking to some things that you can do to prevent it (aside from not opening e-mails from odd sources, visiting dodgy internet sites and the like...).

Note that there are a couple of other possibilities mentioned in the reader comments.

[Jabberwonky]

Just got home and the computer here is infested with those annoying hijack warez. I can only imagine how friggin' pissed I'd be over this one. There's got to be some kind of law against this right? It's blackmail...

[Dave]

Just got home and the computer here is infested with those annoying hijack warez. I can only imagine how friggin' pissed I'd be over this one. There's got to be some kind of law against this right? It's blackmail...

Extortion, I think... technically "blackmail" is a specific subclass of extortion, in which the threat is to reveal something unless you pay "hush money". This is a slightly different type of extortion.

Yes, it's definitely illegal, and not just for that reason. Arguably, almost any piece of malware violates Federal "unauthorized access to a protected computer system" law (any computer which is used in interstate commerce in any way is "protected" under Federal jurisdiction). The email alerts I've gotten about this, suggest that the FBI is organizing an investigation and trying to track the perps. With luck and good investigation, eventually, the money trails and the "command and control" data paths will converge to a specific set of locations and people.

The thought of seeing the international thug-gangs who run this sort of operation be caught, hauled to the U.S., duly tried and convicted, and sentenced to years of hard time is almost enough to make me want to tolerate the idea of extraterritorial strike teams, black helicopters, and extraordinary rendition

[Fairportfan]

The term "blackmail" originates in kidnapping schemes during the reiving days on the Border...

Wikipedia tells us

The word is variously derived from the word for tribute (in modern terms, protection racket) paid by English and Scottish border dwellers to Border Reivers in return for immunity from raids and other harassment. The "mail" part of blackmail derives from Middle English male, "rent, tribute."[10] This tribute was paid in goods or labour (reditus nigri, or "blackmail"); the opposite is blanche firmes or reditus albi, or "white rent" (denoting payment by silver). Alternatively, Mckay derives it from two Scottish Gaelic words blathaich pronounced (the th silent) bla-ich (to protect) and mal (tribute, payment). He notes that the practice was common in the Highlands of Scotland as well as the Borders.

George MacDonald Fraser talks about blackmail in his wonderful history of the reivers, The Steel Bonnets.

[Catawampus]

. . .sentenced to years of hard time. . .

Condemned to work at a computer help desk with no holidays?

[Mark N]

The problem with stopping theses asshats is that they can be anywhere and bounce the connection off of so many places that it is almost impossible to track them down. And if you do track them, they end up in some country with no extradition policy and no wish to help.

[ActionKermit]

Cryptolocker is serious business. But as subscribers of the talesfromtechsupport subreddit saw in the case of Warlizard's company, it's possible to wind up in even worse trouble if you don't maintain redundant backups with an effective key management policy.

Yes, it's the Warlizard from the Warlizard forums.