A new variant exists
Cryptolocker has evolved, and a new variant has gotten past a mainstream antivirus product for one of our clients. Today our customer support group is helping a client restore from a backup because their system was infected with the latest variant of Cryptolocker, which got past AVG. The bad news is that mainstream anti-malware products, such as AVG, are not blocking the new variant.
This shouldn’t be a surprise to anyone in the security business, as anti-malware products are always playing catch-up. What appears to be good news is that this variant uses TEA (Tiny Encryption Algorithm), a symmetric cipher, instead of AES-256. As a result, one clever programmer has already been able to reverse engineer the Cryptolocker executable and decrypt files.
There are a couple lessons here
First, there will always be zero-day vulnerabilities, which means all computer data must be securely backed up to a totally separate network or to offline devices; a product such as WholesaleBackup is ideal.
The second lesson is that, like diseases, computer malware is constantly spreading and changing, so one must remain vigilant and actually plan on being breached — this may well be your only protection!
Please see our updated Ransomware article
There we talk more about the current trend in ransomware infections and answer questions about how backup data is affected by ransomware. We also talk about a new update/feature to our backup software that protects you even further against ransomware.