Widely believed to have first appeared on the internet on September 5, 2013, CryptoLocker is a ransomware Trojan virus targeted at computers running Microsoft Windows® operating systems. Primarily propagated through infected email attachments and existing botnets, the virus, once activated, encrypts some types of files stored on the local disk drive and other mounted network drives, using RSA public-key cryptography.

Attacks from the CryptoLocker virus have skyrocketed since it first appeared online, causing damage and disruption to millions of personal and business systems and netting the perpetrators over $3 million in ransom from their victims.

The CryptoLocker virus holds users to ransom by hijacking non-.EXE files and documents, which could include pictures, music, videos and Word documents that would most likely be valuable to the users’ daily workloads.

The hackers then demand payment of a ransom of around $499, usually against a time scale of 96 hours, in order to unlock the .7z encrypted files and folders. The cryptocurrency Bitcoin is often the mode of payment the hackers demand, with a threat to destroy the private decryption key after the time has expired.


Mode of Transmission of the CryptoLocker Virus

The main technique employed by hackers to perform this type of attack is social engineering: tricking the user into opening a password-protected ZIP file attached to an email that deceitfully claims to originate from a logistics company.

Further proof of legitimacy of the email is implied when the hackers include the password required to open the file bundled in the email. CryptoLocker Trojan then takes advantage of Windows operating systems’ own defence mechanism of hiding file extensions from file names, in order to disguise the true .EXE extension of the malicious file.
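One way a mail gateway or analyst could triage the kind of attachment described above, as an added example that is not part of the original article: it reads only a ZIP's directory listing and flags members that are encrypted, executable, or hiding an executable extension behind a document-like one. The extension lists, function names and the sample archive are assumptions constructed for this illustration.

```python
import io
import zipfile

# Extensions Windows runs directly, and document-like extensions used as the
# visible decoy. Both lists are assumptions of this example, not exhaustive.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}


def triage_member(info):
    """Return the reasons one ZIP member deserves a closer look."""
    reasons = []
    # Keep only the file name; Windows ignores trailing dots and spaces.
    name = info.filename.replace("\\", "/").rsplit("/", 1)[-1].rstrip(" .")
    # Every dot-separated part after the first is treated as an extension;
    # padding spaces ("invoice.pdf      .exe") are stripped before comparing.
    exts = ["." + part.strip().lower() for part in name.split(".")[1:]]
    if info.flag_bits & 0x1:  # general-purpose bit 0: member is encrypted
        reasons.append("encrypted")
    if exts and exts[-1] in EXECUTABLE_EXTS:
        reasons.append("executable")
        if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
            reasons.append("double-extension")
    return reasons


def triage_zip(data):
    """Map member name -> reasons for every suspicious member of a ZIP.

    Only the central directory is read, so no password is needed even when
    the members themselves are encrypted.
    """
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return {"<archive>": ["unreadable"]}
    findings = {}
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            reasons = triage_member(info)
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample_zip():
    """Constructed sample: a harmless text payload under a disguised name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "constructed sample")
        zf.writestr("Invoice_4411.pdf.exe", "not a real program")
    return buf.getvalue()


if __name__ == "__main__":
    for member, why in triage_zip(build_sample_zip()).items():
        print(member, "->", ", ".join(why))
```

A member that is both encrypted and double-extension matches the delivery pattern described here most closely and is a reasonable candidate for quarantine rather than delivery.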

All that is required from this stage is for the user to run the program, and the Trojan becomes memory resident on the target machine. This causes the following actions to occur:

  • The malware is designed to save itself to the AppData or LocalAppData folder located in the user’s profile.

  • A special key is then added to the registry to ensure the malware runs every time the user starts up their computer.

  • To ensure the main process of the virus never gets terminated, the malware spawns two processes of itself, with the second designed to protect the first against termination, making it a very dangerous virus indeed.
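Detection logic for the first two behaviours above, as an added example that is not part of the original article: it takes autostart values exported from a user's registry and flags any whose program lives under AppData or LocalAppData. It assumes the values come from the per-user Run key (HKCU\Software\Microsoft\Windows\CurrentVersion\Run); the profile paths, entry names and the "high"/"review" grading are constructed for illustration.

```python
import ntpath
import re

# Constructed profile environment for a user "alice" (assumption).
ENV = {
    "APPDATA": r"C:\Users\alice\AppData\Roaming",
    "LOCALAPPDATA": r"C:\Users\alice\AppData\Local",
    "USERPROFILE": r"C:\Users\alice",
}

# Constructed autostart values (name -> command line), as they might be
# exported from the per-user Run key. None of these are real indicators.
SAMPLE_RUN_VALUES = {
    "Updater": r'"C:\Program Files\Vendor\updater.exe" /background',
    "ChatApp": r"%LOCALAPPDATA%\ChatApp\app.exe --minimized",
    "Kqzwpr": r"C:\Users\alice\AppData\Roaming\Kqzwpr.exe",
    "Sync": r'"%APPDATA%\..\Local\tmp 1.exe" -s',
}

# Unquoted command: the program ends at the first executable extension
# that is followed by whitespace or the end of the string.
_EXE_RE = re.compile(r"^(.+?\.(?:exe|scr|com|bat|cmd))(?=\s|$)", re.IGNORECASE)


def expand(value, env):
    """Expand %VAR% references; unknown variables are left untouched."""
    return re.sub(r"%([^%]+)%",
                  lambda m: env.get(m.group(1).upper(), m.group(0)), value)


def command_target(command, env):
    """Return the normalised, lower-cased path of the program a value runs."""
    cmd = expand(command.strip(), env)
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        path = cmd[1:end] if end != -1 else cmd[1:]
    else:
        match = _EXE_RE.match(cmd)
        path = match.group(1) if match else (cmd.split() or [""])[0]
    # normpath collapses "..", so a path that only detours through another
    # folder is still attributed to where the file really is.
    return ntpath.normcase(ntpath.normpath(path))


def classify(command, env):
    """'high' = program sits directly in AppData/LocalAppData,
    'review' = in a subfolder (common for legitimate per-user software),
    None = outside both folders."""
    target = command_target(command, env)
    for var in ("APPDATA", "LOCALAPPDATA"):
        root = ntpath.normcase(ntpath.normpath(env[var]))
        if target.startswith(root + "\\"):
            depth = target[len(root) + 1:].count("\\")
            return "high" if depth == 0 else "review"
    return None


def suspicious_run_entries(values, env):
    """Return {value name: verdict} for every autostart entry worth a look."""
    findings = {}
    for name, command in values.items():
        verdict = classify(command, env)
        if verdict:
            findings[name] = verdict
    return findings


if __name__ == "__main__":
    for name, verdict in suspicious_run_entries(SAMPLE_RUN_VALUES, ENV).items():
        print(f"{verdict:6} {name}: {SAMPLE_RUN_VALUES[name]}")
```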

Encryption Algorithm Deployed by CryptoLocker Trojan

A random symmetric key is generated by the Trojan for each file it encrypts, using the AES algorithm. The random key is then encrypted using an asymmetric public-private key encryption algorithm (RSA), resulting in keys of over 1024 bits, or in some cases even 2048-bit keys, being added to the encrypted file.

This complicated encryption procedure ensures only the owner of the private RSA key can retrieve the random key used to encrypt the file. In addition, since the malware overwrites existing computer files, it is impossible to retrieve them with current data recovery forensic techniques.

Once the Trojan is activated, it quickly proceeds to obtain the public key (PK) from its C&C server by deploying a mass fixed domain generation algorithm (DGA) referred to as the ‘Mersenne Twister’, using the current system clock as seed to generate up to 1,000 different fixed sized domains every day.

[Figure: Domain Generation Algorithm (DGA), also known as the ‘Mersenne Twister’]

After the Trojan has downloaded the Public Key, it invades your Windows registry to save the key as: HKCU\Software\CryptoLocker\Public Key. The virus then begins the process of encrypting files on the hard disk, along with any shared or mapped network drives. Below are some extensions CryptoLocker Trojan attacks;

The virus then saves a log of each encrypted file to registry as below;

Once the encryption is complete, a splash screen is displayed to the user demanding a ransom payment of varying amounts against a time limit. The hackers typically threaten to delete the private decryption key they now hold on their servers.

Removing the CryptoLocker Trojan Virus and Restoring Encrypted Files

If the suspected computer infected with the Crypto virus is identified to be part of a network, all steps must be taken to isolate the PC from the rest of the network to stop the virus replicating.

Running an anti-malware program such as MalwareBytes® and Spy Hunter® on a full system scan can detect and remove the malware. It is advisable to run a similar scan on any other computer in the network connected to the source of the attack.

Downloading ESET Scanner® and running a second full system scan ensures your PC is free from the virus, especially because it is memory resident.


Recovery from a CryptoLocker Trojan Attack by Restoring Encrypted Files

If these types of attacks teach us one thing, it reaffirms the absolute importance of taking regular differential and full data back-ups with a strong documented disaster recovery plan.

Unlike other types of attacks that aim to exploit your data and sell it to cyber criminals, CryptoLocker Trojan attacks cost their victims a lot of productive hours by blocking access to their files, with the ultimate aim of extorting money from users through encrypted ransom demands.

Method 1:  Decrypt Encrypted Files on Android Devices with Avast® Ransomware Tool.

Good News! Android device users now have an effective anti-malware program in Avast Ransomware Tool.

The software itself is free on Google Play Store® as are many powerful Avast products, with the ability to power scan and decrypt any files that become encrypted with SimpLocker, CryptoLocker and other families of ransomware computer viruses.   

It is unclear if the anti-virus company have any plans to develop this decryption tool for PC and MAC. More information about this will be available on our Twitter page @ixploitcybersecurity when it becomes available.

Be sure to uninstall the app after decrypting your files to give you back control of your device. If, as an administrator, you believe an attack from spam emails is likely or imminent, Avast Internet Security 2016® offers an intelligent anti-virus that can detect malware, spyware, phishing attacks and ransomware.

A powerful firewall and a revolutionary sandbox lets you test downloaded software in a test environment, completely sealed off from the rest of your PC. A strong security standard is employed to ensure devices in your home are hidden from any hacker listening in on traffic on your network. 

Method 2:   This is where the practice of regular back-ups comes to the rescue. Many forms of back-ups exist such as Synology® drives or cloud back-ups from providers like Symantec. To avoid paying the ransom, the best way is to wipe the infected system and restore all files from one of your full back-ups. 

Method 3: Try using previous versions of Windows automatically saved as part of system restore. Learn more about this function here

Method 4: Using Shadow Volume Copies with Shadow Explorer:

  • Download and install Shadow Explorer, available with Windows XP Service Pack 2, Vista, Windows 7 and Windows 8.

  •  Launch Shadow Explorer and select from the drop down list one of the available point-in-time Shadow Copies. Choose the drive and the latest date you want to restore from. 

  •  Right-click on any encrypted file or even entire folders and begin to Export it. You will then be prompted to choose the location you would like the files restored to. This process may help you recover all the encrypted files or at least a percentage of them. 

How to Avoid Infection from CryptoLocker Trojan Virus

As already discussed above, the CryptoLocker malware is spread via email using social engineering techniques. Therefore, that should be your main point of defence against the Trojan. 

  1.  Using powerful email filtering systems like Symantec Message Labs® can help create strict rules for incoming and outgoing emails to limit the exposure of internal email addresses to potential hackers.

  2. Limiting the range of company Wi-Fi signals to prevent hackers from gaining access to any resource on the network that may contain employee data information.

  3.  Carefully scrutinizing emails from unknown senders, especially those with attachments.

  4. Disabling hidden file extensions in Windows also helps to recognize patterns of this type of attack.

  5. Ensuring your back-up systems are up to date and keeping on top of regular maintenance. This helps with incident response after an attack.

  6. In the unfortunate event that your systems get infected and you find yourself without any back-ups, it is highly recommended not to pay the ransom. Not only does paying help fund the hackers’ business model, there have been cases where ransoms are paid and files still remain encrypted.

Hope you enjoyed reading our article. Feel free to leave us any comments or make suggestions on other ways to prevent attacks from CryptoLocker Trojan Malware, via our email info@codexploitcybersecurity.com. Thank you for investing your time with us.

                                                 Twitter: @ixploitsecurity

                               Written By: www.codexploitcybersecurity.com


   Credits to all organisations and development teams at Relevant Organisations


Welcome, users, to another lesson from Codexploitcybersecurity. It is undeniable that modern life will simply not run without access to some form of email. With numerous clients out there used to access your vital business information, such as Mac Mail® and Mozilla Thunderbird®, you only need to spend a few hours with them to notice how Microsoft Outlook® outperforms the rest in all aspects of functionality.

Like any mail client, you would have the option to organise your folders depending on the type of messages you receive to facilitate easy access to any information you may deem important. However, the rate of incoming messages could mean your mailbox quickly gets overwhelmed, making finding vital information from the stack of emails a daunting task.

By the end of this article, you will know how to use the Instant Search feature to find any messages, based on who sent it or a phrase contained in the body of the message. You will also be able to perform advanced searches using several parameters and also narrow down your search.

Want to see more than 30 search results displayed by default? This article explains how you can remove this limitation to show over 250 search results.

Working in a busy office environment allows you to appreciate the importance of MS Outlook because not only does it organise your emails with ease, the application doubles as your virtual personal assistant, with calendars to plan your appointments, which are all synced to your mobile devices once connected to the Microsoft Exchange server.

The focus of this article will be on MS Outlook 2016, although previous versions function similarly. A full comprehensive tutorial will be available on Codexploitcybersecurity.com in the near future. Here is a step-by-step guide on how to perform Instant search using Microsoft Outlook mail client.

1. Locate the icon at the bottom left of your screen and click Mail.

If you are unable to see this, the “Compact Navigation” menu may be turned on, in which case you’ll see this icon instead:

You may notice the icons are sometimes arranged vertically when the folder pane is minimized. To amend this, just switch the layout of the pane using the Minimize/Expand buttons on the top left of the navigation menu. 

Notice other functionality such as Calendars, People and Tasks can all be accessed on the left navigation pane.

2. Our search box, which this article is focusing on, is located to the right of the navigation menu directly on top of your messages:

3. Finding a message or word you know is done by simply typing in the search field (e.g. Report) and hitting Enter. You can search for a particular person by first, partial or last names, and you will notice that messages containing your searched term are highlighted in the results.

Notice the “More” link at the bottom of search results which can be expanded to see more messages related to your search term.

4. If you are familiar with Google AdWords paid search functionality, you can use techniques such as phrase match to narrow down your search as follows: using quotation marks to specify that you want a phrase match, type in “expense reports” (use any phrase you want from your email) and notice that the results displayed will be emails that contain exactly that phrase, in the order specified.

Anyone familiar with Boolean algebra will be happy to know that operators can also be used to refine your searches even further. Still using the example above:

Type in expense AND report to return messages containing both words but not necessarily in that order. The operator OR can also be used to refine your searches.
Type in expense NOT report to find messages containing the word expense but not the word report.

To close and return to your inbox messages, just click x in the search box.

Narrowing down your Search Results
Besides Instant Search functionality, Microsoft has built in search tools on the ribbon (The tool bar at the top) which can be used to further fine-tune your searches using a scope. Once you’ve made a decision on the scope you want to use, you can search by using parameters such as ‘Subject line’ or ‘Sender’ Information.

Scope: This normally allows you to specify where to perform the search, such as specific folders you’ve created or the main inbox itself - provided you know which folder your message resides in.

Refine: This usually specifies what to search for and here you can add other criteria to the Refine group. When this option is selected, Outlook executes a special script in the search box to limit the results.

Clicking in the search bar opens the Search utility tab loaded with some tools to help specify your search criteria. Let’s take a closer look at some of the options available.

· From: Selecting this filters your search results to display messages sent by a specific person. For instance, you can search for all messages sent by Julia.

· Subject: You can specify a subject line for Outlook to search through your emails. For example, you can search for emails with the keyword ‘report’ in the subject line.

· Has Attachment: Sometimes the only thing you can remember about the email you’re trying to retrieve is that it came with a file attachment. Select this option to display all the emails with attachments.

· Categorized: If you flag messages as important or categorize them to review later, this feature can help choose which types of messages to display in the results.

· This Week: Perhaps you vaguely remember the week the important message was received; select this option to choose a time frame for Outlook to perform the search.

· Sent To: Sometimes an email you are looking for may have been sent to other recipients in your office by CC address. Using this option helps you find emails sent to a specific person.

· Unread: This loads up all unread messages in the folder you’ve selected.

· Flagged: If you have flagged any messages to review later, selecting this will bring them all up in the results.

· Important: In Outlook, messages can be flagged as being of high importance; selecting this will display all those messages.

· More: This helps with options to further narrow down your search results based on sensitivity and message size.

In all cases, you can use multiple criteria to help tailor your search results.

Below is an example of how to search for all messages received last month from John, with the keyword “report” in the subject line:

1. Select Inbox and click in the Search box.

2. Select the Subfolders in the Scope group.

3. Click From and type John to replace the text which has been highlighted.

4. Click Subject and type report to replace the text highlighted in the search box.

5. Click the drop down menu next to ‘This Week’ and select ‘Last Month’. 

Using Advanced Find Feature in Outlook 2016

All the search features we’ve discussed above can help you recover any important emails, using special commands or the search feature tools located in the utility ribbon. However, MS Outlook provides a utility that enables users to specify parameters in ‘Advanced Find’. This can be accessed as follows:

1. Click the Search box.

2. In the search tools menu above, click the drop-down button > Advanced Find.

The advantage of using this feature is that you can specify much more complex search criteria from your calendar, contacts, notes and tasks to display in your search results.

To do this:

1. Click the Advanced tab.

2. You will notice a Define more criteria zone, click the Field button and then select All Mail Fields. A new menu of the fields you can search will be displayed including From, To, Received, Subject and tons more. 

3. Begin by choosing a field, then select a condition and finally input a value to begin the search. For instance:

From | Contains | Rhona will search for messages from anyone whose name includes “Rhona”. You will notice in the ‘contains’ menu, you are able to choose is (exactly) which is used for exact match phrases. So if Rhona’s email name is “Rhona Mitra”, From | is (exactly) | Rhona won’t return the desired results because we would need to specify Rhona’s full name, Rhona Mitra, to get an exact phrase match. 

This is where contains comes in as a very handy condition to use to perform your search. 

4. You can play around with as many conditions as you like and see what results you get from your tests. Try options such as:

· Received | Between | 5/01/13 and 5/31/13
· Message | contains | budget
· To | contains | Rob

Remember to click Find Now to run the search and display your results.

Removing the Limit on Number of Search Results in Outlook 2016

There may be times when you want to see more than 250 results and want to bypass the limit set by default in Outlook:

1. Click File > Options > Search.

2. Under Results, clear the “Improve search speed by limiting the number of results shown” check box.

Be aware that the speed of your search will be affected because a large amount of data will have to be crawled to pull out your results. Nevertheless, it is a cool feature if you ever have to deal with finding information from large amounts of emails dating back a few years.

This concludes our lesson on how to perform advanced search in Microsoft Outlook 2016 using commands and in built search feature utilities. 

Hope you enjoyed reading our article and you are welcome to leave us any comments or make suggestions on other ways to perform search in Outlook using our email info@codexploitcybersecurity.com and thank you for investing your time with us.


                           Facebook: https://www.facebook.com/icybersecure

   Credits to all organisations and development teams at Microsoft Corporation


Unless you’ve been living under a rock for the past two decades, you will be aware of the groundbreaking innovations the tech giant Sony® have contributed to our modern world, ever pushing the boundaries of our imaginations using the power of computers.

With this year’s eagerly awaited gear PlayStation VR® due for release soon, I was pleasantly surprised to see the release of another remarkable addition to the list of head mounted displays, with the advanced Sony HMZ-T3W Personal 3D Home Cinema System.

Simply known in the industry as the T3 and weighing in at just about 2.5Kg, this revolutionary headset is surely going to change the way we experience immersive entertainment only seen in the likes of IMAX 3D cinemas.

We get to explore all the technology loaded into this hardware to make it work and some of the things you can expect from owning one of these units.

Be aware the T3 is not a virtual reality headset but simply a device made to simulate the experience of a large high-quality screen environment matched with an incredible 7.1 channel digital surround sound. These combined give you a complete, untethered viewing experience wherever you find yourself craving some visual entertainment.

Let’s take a closer look at this device to hopefully get a better insight into its design, functionality and where you can actually pick one up should you decide to buy a unit:

Sony HMZ-T3W OLED HD Gear Design

At a glance you may think this is the long-awaited PlayStation VR® Gear because of the similar looks most virtual reality head mounted displays bear. The T3 however, was clearly designed to facilitate longer periods of use without much discomfort, so an extended padded plate has been fitted to balance the weight of the device on the user's head.

It measures 18.9cm across the face and 27cm along the sides, with a 14cm head and neck brace for additional support during operation.

The main cavity where all the lens components are located is designed with soft materials and a big enough space for any nose bridge to occupy, while sitting down or on the go around the house. An extended headphone on both sides ensures you don’t miss out on the incredible soundtracks you are used to when visiting your favourite IMAX screenings.

Sony HMZ-T3W Technical Specifications

For such a small device, the developers at Sony did very well to pack so much technology into such a small space. The unit features a dual HD display capable of resolving 1280x720 signals from devices like Blu-ray® players and other high-definition sources.

The panel itself is made from OLED (Organic Light Emitting Diodes), producing the highest levels of black, blue, red and green colour spectrums with a very high contrast ratio. This ensures the screen can keep an aspect ratio of 16:9 even 20 meters away without losing the crisp high resolution we see on IMAX. 

It’s hard to imagine that a real 3D Dolby Digital True HD® surround sound that typically comes out of high-end Hi-Fi systems could be replicated to perform well in in-ear headphones, but the engineers at Sony somehow managed to achieve this feat with a 7.1 channel spatial surround sound that arguably surpasses even Beats® by Dre.

One thing that has always been the limitation of portable devices is battery life. The more independent the technology, the more power is required to keep the processors, RAM and wireless adapters running efficiently. However, the T3 manages 3 hours of viewing time which is more than ample for 2 full feature films.

For those users that still want to have a feel of the real world, there is a feature called Open View Shield that lets the wearer see their immediate surroundings, for example to reach for the keyboard or mouse, mobile devices or anything else nearby, without losing sight of the game or movie currently playing.

MHL (Mobile High-Definition Link) ensures your smart phone devices still charge while you play your favourite shows. 

The special revolutionary unit that makes this work is the whopping 60GHz wireless technology, which is 20x faster than the wireless 802.11n standard. This makes an easy task of rendering and transferring large amounts of data from your HD source players to your headset without any cables.

Sony HMZ-T3W Connectivity and Viewing Angles

The T3 is one of a handful of devices that truly boasts of ultimate connectivity. Whether you are catching up on your favourite shows like Breaking Bad or Desperate Housewives, this device was designed to stay connected at all times, regardless of the platform it plugs into.

The wireless unit is loaded with numerous ports including 3 HDMI, USB, Optical audio input and MHL connections for your Blu-Ray players. 

Connect seamlessly to your gaming laptop - something the hardcore gamers will appreciate as they have not been left out of the action.

With an HDMI/MHL connection, you can now plug and play your favourite streams while the mobile device charges; a great achievement for the developers at Sony Corp®.

Unlike other virtual reality devices which use sensors and trackers to detect the position and direction you are looking in order to rotate the world around you, the T3 features a fixed screen that moves with you but cuts off the outside world to simulate the true immersive 3D effect on a giant 750” screen, standing 20 meters at 45° viewing angle in front of you.  

Creating a screen this large requires a lot of processing power and high transmission rates, but the magic itself lies in the Dynamic OLED screens, which essentially creates an illusion of a single large screen by transmitting high-contrast, high-speed images across two screens with zero latency. The whole experience then becomes an enormously huge immersive IMAX 3D sensation in the comfort of your own home.

Sony HMZ-T3W Dolby HD Surround Sound Options

I particularly like the way the developers at Sony considered the functionality of their gear by allowing users who prefer the traditional over-the-ear headphones to plug in and enjoy an even more enhanced sound effect. One new addition to the list of such headphones is the Sony MDRRF865RK Wireless RF Headphones.

Gaming on the Sony HMZ-T3W Gear

Gamers rejoice, for the ultimate gear that completely reinvents how you play has finally arrived. You would have to be really unlucky not to get a clean head shot while playing Call of Duty® or any other first person shooter, and thanks to the intelligent one-frame delay system, an enemy player can no longer get the drop on you.

Nazi Zombies, from the creators Treyarch, will no longer be for the faint-hearted when you find yourself on a map like Call of the Dead, where a giant George Romero chases you around with his lighting pole. Explosive multiplayer maps like NukeTown finally come to life with this display. Prepare for hours on end of walking into claymores and receiving strike packages, all running at 60 frames-per-second with zero lag.

Enjoying 3D Blu-ray content on Sony HMZ-T3W

If you are one of those yet to be convinced about watching content in 3D, this is your answer to a truly magical experience where you feel part of the world you have been placed in. Spin your favourite 3D movie and get blown away by the breath-taking scenery and see everything in clear detail as the director intended.

Some of the recommended testers of this technology could be Guardians of the Galaxy, Total Recall, Interstellar, Green Hornet 3D, the incredible Tron 3D and my personal favourite Avatar 3D (if the price has dropped a bit from the £80 release price tag).

Final Thoughts on Sony T3 & Where to Pick One Up

Well done if you made it this far down the article. Hopefully you are excited to see this amazing technology in action and all the entertainment your family can enjoy having this kit in the house.

As with all new technology, you would expect a high price tag due to the investment cost during research and development. A brand new unit is available for £1,289 and if you are lucky a used version can be picked up for about £899, which is not surprising considering standard SUHD screens are selling for well over £2000.

You can wave goodbye to your £16.10 IMAX tickets each time you put on this headset, enjoying whatever content you wish on a virtual giant HD screen.

Follow this link to have a browse: http://amzn.to/1SlsRMy

Hope you enjoyed reading our articles and you are welcome to drop us any comments or make suggestions on other powerful virtual technology using our email  info@codexploitcybersecurity.com and thank you for investing your time with us.


                               Credits to all organisations and development teams at Sony Corporation
