TeslaCrypt – All your important files are Encrypted! HOW TO PROTECT YOUR FILES FROM MALWARE ENCRYPTION!
A while back we heard of a smart new malware called CryptoLocker which, once it installs itself onto your computer, encrypts your data so you cannot access it. It led to a worldwide hunt, and finally the intelligence services located the people concerned and fortunately were able to give people access to the keys (that they were selling) required to unlock their precious data. Even Police Departments were paying ransoms!
By then it had been discovered that their malware had generated a small fortune, and other ‘bad guys’ have now upped the game a little, with an almost 1st class lounge feel to it!
First and foremost, this is basically malware. Once it finds its way onto your PC, be that via an attachment or other means, it searches your data for files that have a priority to be encrypted, from gaming and Steam (this is bad and costly for a serious gamer) to financial details, accounts documents and similar. It is very well made, and yes, all your networked drives will get the same treatment. For example, if you have a USB external drive attached to your computer, that will get encrypted too. Once all this has taken place, the horrifying image above will appear and make your blood run cold. It has a bar code which will be different for every infection. The victim can scan it and pay around $500 for a key (1.2 Bitcoin) to unlock it. This has now got so sophisticated that the program even allows you to upload one file of your choice to their servers, which will be unencrypted and sent back to prove that this is a genuine key for sale!
The bare-faced cheek of it all is that it is almost like they are giving you some service, when it is they who have put the malware there in the first place.
How to Protect Yourself Against TeslaCrypt
There are a few ways that you can help yourself avoid things like this happening or repair the damage once it has happened.
- You should make regular backups. On Windows – Start – Control Panel – Backup and Restore. Buy yourself an external hard drive that is larger than the drive in your PC. To find out how big that is, simply click ‘This PC’ or ‘My Computer’ and look at your drive size. Back up, and then unplug the drive the rest of the time. For smaller files like documents and accounts, buy a cheap USB pen drive, unplug it once you are done saving a copy to it, and pop it in your drawer. If you get infected, do not plug the drives back in. Format the PC and reinstall the backup you made, and use the USB pen drive on another system. Some may say it might be wise to buy a brand new hard drive, put it into your PC and then reinstall your backup to that (as it is possible that unless formatted to a high Zero or Random Fill, some data may remain; it is of course possible for it to write itself to your drive's hidden firmware), but this is worth a try first. Of course many will simply pay the fee, as they are in business and are not technically minded.
- How to stop malware getting on your PC, and this is nothing to do with anti-virus! Run your PC as a ‘Regular user’ and not as an Administrator. When you start your PC, if you are the only name then you are an admin! An admin has total control of everything on your system. If you become infected, the virus also has admin level access to everything and can install itself pretending it is you. The way around this is to go to – Start – Control Panel – User Accounts – Manage another Account/Create Account – create a name like YournamePCAdmin or YournameAdmin or YournameAdministrator so you know what this is and it is obvious to you when you are ‘in the moment’. Make the account password protected with a password you can remember – select Administrator as its level – then save and reboot – then log into the Administrator account you have just created on the boot-up log-in screen, and it will be clear of most of your personal files. You then go back to User Accounts, find the other account you normally use and make that a STANDARD USER! – Reboot – Log into your old account. Go back to User Accounts and double check you are a standard user!
From now on, when you want to install a program, or something nasty wants to install itself onto your PC, it will not be able to. It will ask for your admin level password! You will think twice: “Wow! Hang on a minute, what is this? I am not installing anything! I only opened an email or visited a webpage. Let me go online and double check what this file is and why it is trying to install.” If it says it is a Microsoft Update signed by Microsoft, then allow it. But if it is something more suspicious, then you have just potentially saved yourself $500 smackaroos! You can always log into your Admin account at any time to do major maintenance. But for day-to-day workaday Word files, emails, attachments and business you don’t need admin level access. This will, it is said by most top analysts, save 98% of all infections out there! Add to this the Google Chrome browser (instead of Internet Explorer) and chances are you will never get an infection!
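The same account split can be done from a script instead of Control Panel. This is an added example, not part of the original post: it assumes Windows 10/11 with the built-in LocalAccounts cmdlets and an elevated PowerShell prompt, and `YournameAdmin` is the placeholder name from the steps above. Without `-Apply` it only reports who is an administrator.

```powershell
# Added example: create a dedicated admin account, then make the daily account a standard user.
# Run elevated. $DailyUser defaults to the account running the script; pass -DailyUser otherwise.
param(
    [string]$AdminName = 'YournameAdmin',   # placeholder name, change it
    [string]$DailyUser = $env:USERNAME,
    [switch]$Apply                           # without -Apply nothing is changed
)

$adminSid = 'S-1-5-32-544'   # well-known SID of the built-in Administrators group
$usersSid = 'S-1-5-32-545'   # well-known SID of the built-in Users group

function Test-InGroup([string]$Name, [string]$GroupSid) {
    # Compare by SID so renamed or Microsoft-linked accounts are matched correctly
    $sid = (Get-LocalUser -Name $Name -ErrorAction Stop).SID.Value
    (Get-LocalGroupMember -SID $GroupSid).SID.Value -contains $sid
}

Write-Host 'Current local administrators:'
Get-LocalGroupMember -SID $adminSid | Format-Table Name, PrincipalSource | Out-Host

if (-not (Test-InGroup $DailyUser $adminSid)) {
    Write-Host "$DailyUser is already a standard user."
    return
}
if (-not $Apply) {
    Write-Host "$DailyUser is an administrator. Re-run with -Apply to convert it."
    return
}

# 1. Create the dedicated admin account first, so the PC is never
#    left without a usable administrator.
if (-not (Get-LocalUser -Name $AdminName -ErrorAction SilentlyContinue)) {
    $pw = Read-Host "Password for $AdminName" -AsSecureString
    New-LocalUser -Name $AdminName -Password $pw -Description 'Install and maintenance only' | Out-Null
}
if (-not (Test-InGroup $AdminName $adminSid)) {
    Add-LocalGroupMember -SID $adminSid -Member $AdminName
}

# 2. Demote the daily account: make sure it is in Users, then remove it from Administrators.
if (-not (Test-InGroup $DailyUser $usersSid)) {
    Add-LocalGroupMember -SID $usersSid -Member $DailyUser
}
Remove-LocalGroupMember -SID $adminSid -Member $DailyUser
Write-Host "Done. Sign out, sign back in as $DailyUser, and run this again to verify."
```

The change to the daily account takes effect at its next sign-in; confirm you can log in as the new admin account before relying on it.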
Good Luck! And I hope this helps!