moved for better visibility
While it does not seem to fully answer the question, this is the best I have been able to find - http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=245198
It still doesn't explicitly name any of the threats we are concerned about. If you call and ask McAfee about CryptoLocker, this is the link they will provide..
There's a writeup in the threat center from a few months ago - are you having a breakout of malware which we are not detecting? Without knowing the hash or some details of the malware it's pretty hard to give you information - remember there are over 100,000 new malware samples detected (and remediated) every day.
duh - beat me to it itsectech. :-)
give us a sample hash or something specific and we can give more information, but Crypto Locker is a marketing term for a whole bunch of stuff.
Maybe you mean one of these (thousands) of things we currently detect?
Well, here's to hoping that I don't have to give you a signature, lol. We haven't had anything hit yet but when the brass comes to me wanting to know if we are protected (the best we can be), I have to give them an answer. Upon calling gold support, the tech seemed to know what I was talking about. However, the DAT write-up doesn't cover our concerns.
Message was edited by: itsectech - words are hard on 10/10/13 2:33:05 PM CDT
I hate to say it, but there are so many "basic" viruses like this, that they just get identified, remediated and punched into the DAT etc.
Unfortunately as an industry we've not yet agreed a common naming convention, so everyone calls things by different names so it gets hard when Microsoft (in this case) names something Crilock, we call it RDN/Ransom!dp Kaspersky calls it Trojan-Ransom.Win32Blocker.cfwh etc ...
The one thing we all agree on is the hash and from Virustotal, you'll see there's pretty good coverage across the board.
Protected "as best we can be" to me means having the latest engine, DAT and having GTI/Artemis turned up to HIGH ;-)