Be mindful of CryptoLocker-Trojan:Win32/Crilock.A - a bad piece of ransomware

This was seen in the wild and was 0day. At this point it must have made it to vendor's signature but better safe than sorry. Payload is transmitted via email attachments at the moment. It targets businesses but what's important for the sake of this post is that it targets MS Office files amongst many others. Once the infection makes its way to a system it will rapidly (depending on files found) encrypt content and will ask for a ransom for decryption and accepts payment through moneypak/bitcoin etc. The ransom is either 100$ or 300$.


Analysis from emsisoft:

If for instance encryption occurs at this moment, the backend for processing payment/decryption is down so decryption cannot be provided. Prior to this there were confirmed instances of payment followed by actual decryption but accounts are partial and full verification of the decrypted files was not completed at the time of this posting. See some of those accounts here.

Don't take my word for it and verify this is no hoax. Just thought a heads up was appropriate! Good luck!