According to VirusTotal, a website that checks malware against dozens of antivirus engines, most antivirus software can detect CryptoLocker malware. CryptoLocker spreads via malicious file attachments and can also be detected by antispam appliances and most filtering software.
Beware of relying solely on antivirus software for protection, warned Malwarebytes' Segura. If antivirus detects an infection after files are encrypted, removing the threat can make decryption difficult, he said. Some people have sought to re-infect their systems in order to pay the ransom to the cybercriminals, he said.
To address systems that have had the malware removed, the cybercriminals behind the scam have set up a CryptoLocker Decryption Service. The service, which is cloaked from investigators behind the Tor anonymity network, can produce a decryption key for victims who upload an encrypted file. The service is expensive at 10 Bitcoins, or approximately $2,300.