By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    A Malware Classification -Kaspersky Daily
    12 months ago
    Desert Falcon Arabic Advanced Persistent Threat
    12 months ago
    Security Week 36: jailbreak theft, farewell to RC4 and holes in routers
    12 months ago
    Latest News
    Wordfence Intelligence Weekly WordPress Vulnerability Report (September 11, 2023 to September 17, 2023)
    5 days ago
    Exploring Winrar Vulnerability (CVE-2023-38831) | McAfee Blog
    6 days ago
    Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks
    7 days ago
    Agent Tesla’s Unique Approach: VBS and Steganography for Delivery and Intrusion
    1 week ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    Surface Pro released and the 128 GB version already sold out at the online Microsoft Store [Updated]
    12 months ago
    Windows 11 build 22622.590 (KB5017846) outs in the Beta Channel
    12 months ago
    How to protect computer from virus and hackers on Windows 11
    12 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    7 months ago
    Now you can speed up any video in your browser
    7 months ago
    How to restore access to a file after EFS or view it on another computer?
    8 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    8 months ago
  • How To
    How ToShow More
    Switching to Cloudflare can cut your network carbon emissions up to 96% (and we’re joining the SBTi)
    Switching to Cloudflare can cut your network carbon emissions up to 96% (and we’re joining the SBTi)
    16 hours ago
    Cloudflare account permissions, how to use them, and best practices
    Cloudflare account permissions, how to use them, and best practices
    16 hours ago
    Announcing Cloudflare Incident Alerts
    Announcing Cloudflare Incident Alerts
    16 hours ago
    Welcome to Birthday Week 2023
    Welcome to Birthday Week 2023
    2 days ago
    A new wave of innovation with Edge, your AI-powered browser
    3 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    How to match Windows 11 accent color on Google Chrome
    2 weeks ago
    Gmail AI feature Auto-complete
    12 months ago
    Windows 11 build 22623.746 (KB5018490) rolls out in the Beta Channel
    11 months ago
    Latest News
    How to use image layers on Paint for Windows 11
    6 days ago
    How to disable Copilot on Windows 11 (completely)
    2 weeks ago
    How to blur image background in Photos for Windows 11
    2 weeks ago
    How to hide text from screenshots on Snipping Tool for Windows 11
    2 weeks ago
  • Glossary
  • My Bookmarks
Reading: Protecting Computers and Smartphones from Cryptolocker, Pletor aka Simplocker and Other Ransomware
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
ThreatsWordpress Threats

Protecting Computers and Smartphones from Cryptolocker, Pletor aka Simplocker and Other Ransomware

Vitus White
Last updated: 13 October
Vitus White 12 months ago
Share
7 Min Read

Ransomware became one of the most convenient rackets for cybercriminals. On reading recent news on the GameOver Zues botnet we found out that its owners were also actively distributing the CryptoLockerransomware, which encrypts the victim’s files and asks for ransom in a case when Zeus banking trojan did not have any success while on rampage in your PC. A similar scheme is now gaining traction on smartphones: iOS-based devices are blocked with the help of the Apple’s Find My iPhone service, while for Android smartphones the culprits have coded a mobile version of Cryptolocker, Pletor.a. Unfortunately, the news resources tend to serve such information lavishly seasoned with panic, and you are very likely to have seen headlines like ‘Only Two Weeks to Protect Your Computers from a Dreadful Threat’. You need not panic; just know your enemy and follow our protection action plan.

Contents
Why Cryptolocker and its likes are dangerousProtecting your PC from Cryptolocker, PrisonLocker, Cryptowall and their likesProtecting a smartphone from the Pletor.a ransomware and Svpeng ransomwareBeware of fake ‘cures’Protect your smartphone now

Why Cryptolocker and its likes are dangerous

Unlike previous examples of “blockers“, which used to just block the PC screen to disturb your PC experience, cryptolockers, as is read in the name, encrypt the user’s files.

Even having managed to delete the malware, you cannot continue working with your files.

It means that, even having managed to delete the malware, you cannot continue working with your files. A number of such lockers, owing to mistakes and imperfections in their code, are quite likely to be deciphered by third-party anti-virus utilities. With regard to better-crafted samples of cryptolockers, they use strong encryption and do not store the key on the affected PC, making user-initiated deciphering impossible, keeping this opportunity open only for the cybecriminals (who, obviously, demand $50-2000 for this “service”). This approach is now used on Android devices: Back in May, we discovered the Pletor.a ransomware, which is able to encrypt files stored on an SD card and place a threatening message on a display, asking for a ransom. Current Pletor versions do have the aforementioned flaw, so third parties (read: antivirus companies, e.g. us) are able to help the victim with file deciphering, but as of today, there are more than 30 modifications of this ransomware, and the version which does not allow for third-party deciphering, might be just around the corner. 

New “milking” scheme for cybercriminals: First, steal your banking credentials, then encrypt your files and demand a ransom.

Tweet

Also, last week in the US we have discovered a new version of mobile banking Trojan Svpeng, which is evidently walking in GameOver Zeus’s shoes. The current version is able to efficiently block the device, demanding a ransom. Additionally, the malware’s code shows developers’ intent to steal financial data from the smartphone and contains a link to a not yet implemented Cryptor method, which is likely to offer the file blocking capability to the cybercriminals. Curiously, not only do mobile Trojans encrypt the files, but blackmail the user with mailing the compromising text messages or photos along the victim’s contact list. That means the bleeders now have one more trick in their sleeve.

mobile-cryptolocker-1

mobile-cryptolocker-2

Protecting your PC from Cryptolocker, PrisonLocker, Cryptowall and their likes

  • Check your PC for Zeus-type malware. Use the free Kaspersky Lab utility which is able to scan the PC and delete the malware.
  • Install a strong Internet security solution. It will prevent compromising in the future.
  • Create an online backup copy of your data. It will be needed in case your PC is affected by Cryptolocker. Instead of paying ransom for your encrypted data, you just need to restore it. The backup will also save you in case of fire, hard drive failure and other unfortunate circumstances. It is vital to perform a regular backup on your PC. For the online backup plan, instant synchronization is possible, for locally stored backup copy we recommend daily synchronization. To ensure better protection from Cryptolocker, all external storage devices must be disconnected after the backup has been performed. 

    Well-maintained backup solution is an important part of your protection from Cryptolocker ransomware both on PC and Android.

    Tweet

Protecting a smartphone from the Pletor.a ransomware and Svpeng ransomware

  • Install a robust antivirus app from Google Play or other trusted app store like Yandex.Store;
  • In security settings, disable the third-party app installation support;
  • Do not download apps from forums, third-party websites, etc. Use only trusted sources.
  • On installation, keep an eye on access rights the app is asking for. Traditionally, rights to send text messages or making calls are considered suspicious, yet the right which must immediately attract your attention is the right to modify the content of the SD card. Unfortunately, it is a very popular right used by many games, dictionaries and other legitimate software. So the decision must not be taken based only on the application access rights. If you disabled automatic scanning for the newly installed apps, run the antivirus on each new app installation.
  • Use Google Drive, Dropbox and other cloud storage and backup solution to backup your photos and other documents.

Beware of fake ‘cures’

Cybercriminals went as far as using the news on Cryptolocker and GameOver Zeus to their advantage. The spam offering utilities for malware deletion and post-Cryptolocker file deciphering is already distributed online. Those who download the utility, being lured into it by its seeming ease of use and freeware nature, are doomed to have even more malware on their PCs. So we recommend using only trusted applications from the trusted suppliers to cure your systems from Cryptolocker.

Protect your smartphone now

Untitled


Source: kaspersky.com

Translate this article

TAGGED: Apple, Encryption, Malware, RC4, Security, Software, Split tunneling, Targeted Attack, Threat, Threats
Vitus White October 13, 2022 October 7, 2022
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Switching to Cloudflare can cut your network carbon emissions up to 96% (and we’re joining the SBTi)
Switching to Cloudflare can cut your network carbon emissions up to 96% (and we’re joining the SBTi)
Apps 16 hours ago
Cloudflare account permissions, how to use them, and best practices
Cloudflare account permissions, how to use them, and best practices
Apps 16 hours ago
Announcing Cloudflare Incident Alerts
Announcing Cloudflare Incident Alerts
Apps 16 hours ago
Welcome to Birthday Week 2023
Welcome to Birthday Week 2023
Apps 2 days ago
A new wave of innovation with Edge, your AI-powered browser
Windows 3 days ago

You Might Also Like

Switching to Cloudflare can cut your network carbon emissions up to 96% (and we’re joining the SBTi)
Apps

Switching to Cloudflare can cut your network carbon emissions up to 96% (and we’re joining the SBTi)

16 hours ago
Cloudflare account permissions, how to use them, and best practices
Apps

Cloudflare account permissions, how to use them, and best practices

16 hours ago
Announcing Cloudflare Incident Alerts
Apps

Announcing Cloudflare Incident Alerts

16 hours ago
Welcome to Birthday Week 2023
Apps

Welcome to Birthday Week 2023

2 days ago
Show More

Related stories

How to upgrade to Windows 11 23H2 with Installation Assistant
Critical Vulnerability in Forminator Plugin
How to blur image background in Photos for Windows 11
How to download official Windows 11 23H2 ISO file
PHP Object Injection Vulnerability in Flatsome Theme
How to download Windows 11 22H2 ISO after 23H2 releases
Previous Next

10 New Stories

Curator can help you with PC Game Pass picks
Cloudflare Email Security now works with CrowdStrike Falcon LogScale
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 11, 2023 to September 17, 2023)
Exploring Winrar Vulnerability (CVE-2023-38831) | McAfee Blog
How to use image layers on Paint for Windows 11
New! Rate Limiting analytics and throttling
Previous Next
Hot News
Switching to Cloudflare can cut your network carbon emissions up to 96% (and we’re joining the SBTi)
Cloudflare account permissions, how to use them, and best practices
Announcing Cloudflare Incident Alerts
Welcome to Birthday Week 2023
A new wave of innovation with Edge, your AI-powered browser
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?