Trojan:Win32/Crilock.A Nasty Ransomware You Need to Guard Against

On September 10th, 2013, a new ransomware known as Trojan:Win32/Crilock.A began attacking computers all over the Internet, locking users out of their PCs and putting sensitive information at risk. If your computer gets it, then you're in for a world of hurt. Here are the details on what this virus does and what you can do to prevent it.

How Does it Infect Your PC?
Trojan:Win32/Crilock.A is a malware downloaded by other malware. This means you don't have to directly download it; therefore, careful Internet browsing and keeping an eye out for this particular threat might not be enough. This malware is still new enough that the source has yet to be determined, but because we know it's a malware, we know that it will find its way onto your PC through unsafe web browsing practices like, visiting malicious URLs, downloading spam, along with all actions a user can do to override their security solution.

There's a chance that the malware responsible for downloading this virus is already on your computer, just waiting to receive its command to download the Trojan:Win32/Crilock.A (an action that doesn't require your permission). One preventive action you can take is to make sure your antivirus software is up to date and you have downloaded the latest virus definitions, which should include information on the new Trojan:Win32/Crilock.A. Take the time to run a virus scan so that your antivirus software can identify and remove all the malware on your PC, including the one responsible for downloading Trojan:Win32/Crilock.A.

How Bad is It?
Once your PC is infected with Trojan:Win32/Crilock.A, it will make changes to your Windows registry to ensure that it will run every time you boot your PC. This plays right into a user's instinctive reaction to restart their computer as soon as they notice things starting to get buggy. In this virus scenario, a restart will not help because the Trojan:Win32/Crilock.A will make changes to your registry with every restart.

With the virus fully installed on your system, it will then lock you out of your desktop with a browser window taking up the full screen. With you locked out, the virus will then encrypt the files on your PC like your fixed and remote drives in order to prevent you from accessing them. This is a classic example of what's known as "ransomware", because the virus will literally hold your PC ransom.

What Does it Want?
Like any classic ransom scenario, the Trojan:Win32/Crilock.A wants your money. The ransomware is nice enough to walk you through easy-to-follow menus so you can make a payment. It will even tell you which friendly retailer you can visit to obtain this payment option. Additionally, while you are locked out of your PC, your sensitive information is being accessed.

The virus will inform you that the only way to gain access to your PC and "get rid of" this ransomware is to pay the hackers. Upon payment, you will be provided with a key that's unique to your computer that will "unlock it." To make sure you don't have time to figure out a fix, the ransomware will give you 72 hours to meet its demands, otherwise, it will destroy the key, leaving you with a computer full of encrypted files that you won't be able to use; and if you try to tamper with the ransomware software, the key will be destroyed, rendering your PC worthless.

How Can You Stop It?
Trojan:Win32/Crilock.A is a pretty nasty virus. If your computer is infected with it, then the best course of action is to wipe your drive and load your uninfected backed up data. You will also want to scan your backed up data to make sure it's clean. Paying the ransom will let you access your computer, but it will not get rid of the virus. Even if you pay the money the virus will still be installed on your machine, waiting for the opportune time to strike again.

A nasty ransomware like this will require professional assistance. Call us at 607.433.2200 to have our team of IT technicians take care of this or any other virus ravaging your system. The severity of the Trojan:Win32/Crilock.A virus highlights the importance of having a strong network security tool in place, along with a dependable backup and data recovery solution. Directive can set up your system with a strong firewall to prevent nasty viruses like malware, ransomware, and all the other viruses that will wear down your business. To check how protected your company is from threats like this; call us today for a free network audit.