Cryptolocker - are we safe??

With the UK National Crime Agency and the FBI issuing urgent alerts about Cryptolocker - are we safe? I always run my browser fully virtualized, can this alone stop Cryptolocker/plus, in addition are my file(s) then safe from encryption?

I understand that all decent AVs can stop Cryptolocker, but many cannot stop vital file(s) from being encrypted :frowning:

You should be safe because you are running your browser as fully virtualized. This means that anything run from it will be fully virtualized as well, and can therefore not affect the real system.

However, to check on another attack vector, for which setting do you have the Behavioral Blocker configured?

Hi Chiron:

I have HIPS disabled and the BB set at untrusted…?

In that case you should be fine unless you explicitly allow the malware. Even with the browser run normally the BB set to Untrusted should be able to stop any ransomware. However, I will note that it’s still a good idea to run the browser as FV, although not necessary for this particular type of malware.

Let me know if you have any questions.


I do not use BB. HIPS only. So my computer is vulnerable?

Of course…there is no bulletproof protection.
It is always vulnerable. :wink:

In regard to Cryptolocker, only if you allow it.

Thanks for the answers. How frequently do TVL updates come?

Every day, I’d say. There is a cloud-based TVL where analysts can update it in real time and a local TVL that can be updated with a simple AV database, if I’m not wrong.

Please start a new topic for this.