Cryptolocker file decrypters don't exist, no matter what that email says

Jun 6, 2014 12:59 GMT  ·  By

Earlier this week, the US and European authorities told Internet users that they had managed to crack the malware known as Gameover Zeus that had been used to divert millions to the bank accounts of criminals, as well as Cryptolocker, a viral scam that was used by hackers to obtain control over people’s computers and ransomed the data.

People were told that they had two weeks to protect themselves against these threats after authorities disrupted the system used by criminals.

“Whether you find online security complicated or confusing, or simply haven’t thought about keeping your personal or office computers safe for a while, now is the time to take action. Our message is simple: update your operating system and make this a regular occurrence, update your security software and use it and, think twice before clicking on links or attachments in unsolicited emails,” said Andy Archibald, deputy director of the national cyber crime unit at the National Crime Agency in the UK.

Bullguard, a global software company that provides Internet security and antivirus protection, has detected a wave of malware-ridden spam that pretends to be a CryptoLocker file decrypter, and it advises people not to waste time before installing a security solution.

While these viruses can no longer be used to steal information and encrypt files as long as the communication with the command and control servers is cut, other malware writers are currently taking advantage of the frenzy.

Massive phishing campaigns have been spotted and viruses are already being distributed as attachments to spam emails. Some of these are delivered under the false pretense that they are a Cryptolocker file decryption tool. Since Cryptolocker has used a strong encryption method that cannot be cracked, it means that there is no such tool out there.

Those who do receive such emails should be aware that they are certainly spam and that they really shouldn’t click on the links or download the files. The so-called file decrypter is in fact malware.

The tool pretends to be a registry cleaner that will automatically detect severe issues even if there is none there. The trick is to get the victim to buy the software.

Doing so won’t just leave your wallet a lot lighter, but it will also put your personal information and banking details in danger.

“People should not be tricked: if they pay for this software, the only outcome is that they will help Cryptolocker and GameOver Zeus indirectly cause more financial damage. And the situation will certainly escalate and more dangerous viruses will be marketed as Cryptolocker file decrypters. The only viable solution is to have a powerful security suite installed, which both detects and prevents such malware, and also to regularly backup your files,” writes BullGuard.