Anti-Malware Team Attempts to Take Down CryptoLocker

This week, members of the group known as Malware Must Die attempted to take down command and control nodes of the now infamous CryptoLocker spyware currently terrorizing its way through the EU and US.

CryptoLocker is one of the most unique approaches to monetizing malware we’ve seen to date, relying on .exe files downloaded from an email to take over all of your personal data, lock it down, and hold it hostage until you cough a ransom of up to 2 Bitcoin, almost $2,000 at current prices.

Former Scotland Yard detective Adrian Culley told The Register he believes the operation will garner more success the second time around, having learned how the virus reacts under attack from several sources at once.

“It is no surprise that the announcements of the death of CryptoLocker appear to have been somewhat premature. An essential part of the process is post-takedown analysis, which may turn out to be a post-mortem, or a triage of the zombie remnants of a botnet, or may indeed confirm that the botnet is very much still alive and kicking.”

The security researchers involved in the mission targeted 138 different domains known to host and proliferate the program, but realized this only slowed down the effort for a matter of hours, rather than disabling it completely as they hoped.

“It is essential to undertake this analysis post any sinkholing activity,” continued Culley, “which does appear to have happened in this instance. CryptoLocker appears to have the same resilience as many other C&C based attacks.”

The best method to avoid accidentally bumping into CryptoLocker while browsing around is to never download anything from an email that you don’t explicitly recognize beforehand.  Also remember to always connect to your network through a respected, reliable, and well-reviewed VPN provider like Private Internet Access.

Dedicated to providing the most anonymous experience possible, Private Internet Access never keeps any of your payment information on file, and even accepts Bitcoin if you’re worried about someone listening in on the way.