Smart SpendingSmart Spending

New malware steals your files forever

The scariest part of the new virus is there is no fix, so it's crucial to avoid getting it in the first place.

By Nov 7, 2013 2:50PM

This post comes from Deena Coffman at partner site on MSN MoneyIt’s always a good idea to back up your computer files. But now it’s a great idea.

An especially nasty form of ransomware  -- known as CryptoLocker -- was recently discovered, and it puts computer users at risk of losing their files forever.

Damaged laptop © Jason Stang, Photo LibraryIn most forms of ransomware, infected computers "freeze" and essentially are held hostage until a ransom is paid. Perhaps the best-known and most widespread scheme is false messages claiming to be from the FBI, accusing computer users of watching child porn or some other illegal online activity. A “fine” is demanded to unfreeze the computer.

That and other types of ransomware usually can be fixed -- though sometimes a professional using specialized software is necessary.

There is nothing new about ransomware -- different forms of it have been circulating since 1989 -- but in recent weeks Internet security firms have reported a surge in computers affected. Once CryptoLocker infiltrates your computer, it encrypts your files -- making them unreadable and permanently unusable unless you decrypt them with the attacker’s "private key," which is unlikely to happen even if you part with the demanded ransom.

Currently, infected users are instructed (via the displayed warning) to pay $300 to receive this private key within 100 hours or "the server will destroy the (private) key," warns a pop-up that freezes your computer, and "nobody and never will be able to restore files."

Although anti-virus experts are hard at work, currently there is no fix. And while techies can often remove ransomware that simply freezes computers, encrypted files are trickier. So an off-computer backup of files -- such as a USB drive -- can be good insurance.

Since there’s no guarantee (or even evidence) that paying the demanded ransom will retrieve files from infected computers, it’s also wise to follow these to avoid this situation in the first place. That means:

  • Don’t click on email attachments unless you know the sender and what the attachments are.
  • Be careful when surfing on music sites or doing online searches of celebrities or other in-the-news topics. They often lead to malware-laden websites or links.
  • Avoid online offers for screen savers, games and the like unless downloaded from reputable vendor websites.
  • Scan your computer using anti-virus software (from a known provider) regularly, and keep its updates and patches up to date.  (Malware often masquerades as anti-virus scanning software, so make sure you are using a reputable anti-virus software.)
  • Make regular backups, and store them somewhere safe, preferably offline.

More from

Nov 7, 2013 6:09PM
Funny to see this on msn. Bing always has those "trending on bing" lists that make you think you are clicking on an article but all it does is a search. Then the results are mostly weirdo sites with banner ads that just scream "disreputable website". No I don't want to hear about an anti wrinkle cure discovered by a mom that makes dermatologists angry. No I don't want to read about a loophole in the law that lets me drive around without car insurance. I don't give a crap about an old weird tip that will give anyone washboard abs or a fruit that will lead to extreme weight loss. And you can take your penny stocks and shove em up your a$$.
Nov 7, 2013 7:15PM
If I was a senator right now, I would be looking to do something that the public would see as a little positive.  Here would be a good one.  Create laws that would make creating or using computer viruses a federal crime with fines like $100,000.00+ and serious jail time.  And whistleblower and tip rewards in the tens of thousands.  This needs to stop and making examples of some of these people certainly would not hurt.
Nov 8, 2013 12:25AM
We need heavy penalties for hacking & identity theft.
Nov 8, 2013 12:55AM
Hey - this is a no brainer.  Just let it happen, then throw your computer away, permanently.  Same thing is going to happen to the iPhones, Smart Phones, and and all the rest.  Once people stop buying the crap that is prone to getting a virus or malware, and the companies go bankrupt due to lack of sales,   Then maybe the companies would start to monitor the crap that they allow to be put on the 'Net.  They have no morals, ethics, or common sense.  The majority of use is actually abuse anyway.  So what did we do 40 years ago, well before PC's and cellphones?  So who really gives a damn as to how many bowel movements you take, or how many unknown "friends" you have on Facebook, Myspace, LinkedIn, and the other low class "Social Media".  We really are a bunch of losers, not just in this country, but the whole developed world.  Is there anything more rude, crude, and inconsiderate than someone using their cell phone or begin texting while they are in a restaurant, movie, or even while trying to drive.   If you don't like this comment, you are probably one of the abusers, and you deserve to get the malware. 
Nov 7, 2013 6:02PM
just saying    life was much safer before these "little machines" and I will never get more junk mail in my mail box then my inbox
Nov 7, 2013 6:24PM
Be careful where you put your........cursor.  :)
Nov 7, 2013 9:56PM
Sounds just like that 0bamacare website. They take all your info and steal precious time that you'll never get back, matter how much ransom you pay.
Nov 7, 2013 6:51PM

Best thing is to use pc when paying for bill under " In Private " setting.  Change your passwords monthly which may seem hard, but in fact is not.  Look at it this way,  How many items people have scan at the groceries stores every month using the bar code or UPC?  Quite a few, Right?  so, why not use UPC or Bar Codes as passwords and change them every month.  Just add few extra characters to make it unique for your use.  Keep files in a large flash drive and also have a Windows Software Program handy to re format if its needed in case a back up flash drive is not available.  Always go to tools logo in your upper right corner and open the window to choose delete browsing history and delete all browsing cookies as well.  Choose your privacy level and Security level.  Don't forget to scan your computer using quick scan prior to make a bank transaction and change your bank password monthly.

The possibilities of using Bar Codes as passwords are endless.  You can find a bar code from a can of tomato sauce or even in a jug of 1 gallon milk or even in a empty box of U-Haul.  Also keep a log of all passwords as they get change in a note pad.  Why? when doing a recovery with an specific date, as you try to login you need to remember the last password use during that specific time.  For example, let say your pc needs a recover, but let's say today is December 18, 2013 and you want to recover your pc to an earlier time.  The earlier time let's say its July 22, 2013, you may need to use the password that was use from July 1, 2013 thru July 30, 2013, if not you may not be able to enter the pc or login if using the password of the last date of December 18, 2013.  Good luck folks, and have a good day or night!


Nov 7, 2013 11:19PM
Seems like a great opportunity for a software designer to make a program that simply tells you when any files are being encrypted,  tells you whatever it can about the perpetrator, and asks you for permission to continue.
Nov 8, 2013 10:32AM
 I put a condom on my mouse so I'm safe from viruses.
Nov 7, 2013 8:03PM
Get yourself a "live CD" NOW!! You can use it to boot up your computer and copy all your important files to another drive. Then you can reload your operating system  and restore your files.

This happened to me last weekend. That will be the day when I pay $300 for you to unlock my
computer after you have locked it.

Nov 8, 2013 9:32AM
I hate these people that create jobs my doing harm to other people's property....some of these crazy people are as bad as those that kill, maim, burn and destroy other's life and personal property....we can't hire enough good guys to catch the bad ones, and if we could the laws we allow others to write would hinder or block their efforts....crazy dam world. 
Nov 7, 2013 11:06PM
These ongoing malwares and viruses are precisely why I do not do any online purchasing, bill paying, or banking. To me the risk of having my personal information hijacked online is far to great to ignore. My advice is to download a copy of 'Keyscrambler' free software which is available through cnet. This nifty piece of software encrypts what you are typing so that keyloggers who may be tracking you cannot decipher what you have keyed in online.
Nov 8, 2013 12:32AM

Or you could just use Linux or some variant thereof.


Nov 8, 2013 1:08PM
I have anti-virus software and I still got a ransomware virus. So its not perfect and it won't protect in all cases. I think Bill Gates and Microsoft are a bunch of idiots, and these cyber criminals are a lot smarter than they are. Don't you think it should be the other way around??
Nov 7, 2013 9:59PM
Tried that on me already, I didn't click a thing opened task manger and force closed the browser, Problem Solved, BTW if your dumb enough to fall for that you earned it! they don't ask for fine money, that is done by the courts after the fbi, dea, atf, or police arrest you and prove a case against you!
Nov 8, 2013 7:10AM
Nov 8, 2013 1:34AM
Cripes!  Go frighten someone else!  I'm tired of hearing all the threats!  If it weren't for the ant-virus software, we would all be victims ten time over, yada, yada, yada!  Give me a break!  Enough already!
Nov 8, 2013 12:54PM
We need to catch and lock up these cyber criminals for 20 years to life wherever they may be hiding, and without access to any computer. Then maybe the web will be safe to use for the rest of us. This is a serious crime and we need serious penalties to stop it once and for all.
Nov 8, 2013 3:18PM
How about we copy their virus and encrypt it to be sent back to the creators of the virus? Hide it to look like a money transfer and when they deposit the money to their bank account, it updates the available balance to show $0.00. I would pay to see their face. I'm not a programmer but this sounds easily possible. Look what has been made so far virus wise. I'm sure there are ethical hackers that would do this. Anonymous, I plead with you to make this happen. lol
Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates theCode of Conductplease use this form to notify the moderators. They will investigate your report and take appropriate action. If necessary, they report all illegal activity to the proper authorities.
100 character limit
Are you sure you want to delete this comment?


Copyright © 2014 Microsoft. All rights reserved.

Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.


Smart Spending brings you the best money-saving tips from MSN Money and the rest of the Web. Join the conversation on Facebook and follow us on Twitter.