A reader asks: “What happens if Windows is infected with ransomware but the files are already encrypted with TrueCrypt?”

The files will then be doubly encrypted: once by TrueCrypt, and once by the ransomware.

The good news is that the malware can’t read the contents of your TrueCrypt-encrypted files. That’s not what ransomware is really about anyway: It’s not designed to snoop; it’s just designed to take your files hostage.

But the bad news is that you can’t read your TrueCrypt-encrypted files, either! The malware encryption is in the way.

To access your files, you’ll have to either find a way around the ransomware, or pay the ransom. Once the ransomware is gone, your TrueCrypted files should behave normally.
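The layering described above can be reproduced in a few lines. This is an added example, not code from the original article; it uses a toy encrypt-then-MAC scheme built from the Python standard library and does not reflect TrueCrypt's real volume format or any actual ransomware, and all keys and data are constructed.

```python
import hashlib
import hmac
import os

# Toy scheme for illustration only: NOT TrueCrypt's format, not for real data.
def _subkey(key: bytes, label: bytes) -> bytes:
    return hashlib.sha256(label + key).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with a keystream of HMAC-SHA256(key, nonce || counter) blocks."""
    stream, counter = bytearray(), 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, data: bytes) -> bytes:
    """Encrypt-then-MAC. Output layout: nonce (16) || ciphertext || tag (32)."""
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, data)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    """Return the plaintext; raise ValueError on a wrong key or altered blob."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified data")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def opens(key: bytes, blob: bytes) -> bool:
    try:
        return unseal(key, blob) is not None
    except ValueError:
        return False

def demo() -> dict:
    owner_key, outer_key = b"owner-key (constructed)", b"second-party-key (constructed)"
    document = b"household budget (constructed sample)"
    container = seal(owner_key, document)  # inner layer: the owner's encrypted file
    backup = container                     # copy kept off the PC before the incident
    on_disk = seal(outer_key, container)   # outer layer added on top of the inner one
    return {
        "outer_key_reads_document": opens(outer_key, container),
        "owner_reads_disk_copy": opens(owner_key, on_disk),
        "owner_reads_after_outer_removed": unseal(owner_key, unseal(outer_key, on_disk)) == document,
        "owner_reads_backup": unseal(owner_key, backup) == document,
    }
```

Calling `demo()` shows the two "False" cases from the article (the outer key holder cannot read the document, and the owner cannot read the on-disk copy) and the two recovery paths (outer layer removed, or a clean backup).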

You won’t easily “find a way around the ransomware.” Ransomware usually uses high-grade encryption that’s effectively impossible to break on PCs within any reasonable timeframe. (That’s the whole idea.)

The only certain “way around ransomware” is to completely wipe out the infected setup (e.g. disk-wipe/repartition/reformat), and restore everything from known-safe, uninfected backups.

If you don’t have recent, known-safe backups, you’re toast. Your only real options are to pay the ransom and hope the perpetrators actually give you a working key, or to abandon all your files and set everything up afresh, from scratch, using an OS setup DVD or thumb drive.

Not to belabor the obvious, but this is just one of the reasons why — if you store anything valuable at all on your PC — it’s vital to have current backups stored somewhere they cannot be accessed by malware or affected by any other problem on the PC itself. (Same goes for smartphone files, of course.)

Files that aren’t safely backed up could go away at almost any time, for a whole world full of reasons — mechanical failure, software error, malfeasance, accident, user error, theft, loss…

But with backups, even a full-on ransomware attack doesn’t have to be more than an inconvenience.

Here endeth the sermon. 🙂

Permalink: https://langa.com/?p=1661



1 Reply to “A reader asks: “What happens if Windows is infected with ransomware but the files are already encrypted with TrueCrypt?””

  1. Speaking of TrueCrypt. Perhaps you could post a short article about its current status; have any problems been found with the final version? What substitutes do you recommend? Looking forward to seeing your stuff again on AskWoody’s newsletter.
