BBTech would like to make everyone aware of a particularly nasty computer program named Cryptolocker that has been making the rounds recently.
This new “ransomware” is not technically a virus since currently it does not spread to infect other computers on your network.
What it does do is encrypt any document files it can find on your computer – or on network shares you have access to – with a currently-unbreakable encryption method. When it is finished doing this, it notifies you that your files are now locked, and requests anywhere from $100 to $500 ransom to unlock them.
How should you prevent Cryptolocker infection?
Currently, Cryptolocker is transmitted only via email attachments. Popular spoofed email accounts include ones from FedEx, UPS, the IRS, Quicken/Quickbooks, banking institutions, or even “your IT Administrator”. Any email that contains a .ZIP attachment from one of these senders is suspicious – as none of these senders will generally ever send you a .ZIP (compressed file).
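The check described above, as an added example in Python that is not part of the original notice: it flags a message when the From header names one of the listed senders and an attachment is a ZIP archive, judged by extension or by file content. The regular expression, function names and sample messages are constructed for illustration.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Sender names the advisory lists as commonly spoofed (pattern is an assumption).
BRANDS = re.compile(r"\b(fedex|ups|irs|quicken|quickbooks|bank\w*|it administrator)\b", re.I)

def zip_attachments(msg):
    """Names of attachments that are ZIP archives, judged by extension or content."""
    found = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        # A renamed archive still begins with the ZIP local-file-header magic.
        if name.lower().endswith(".zip") or data.startswith(b"PK\x03\x04"):
            found.append(name)
    return found

def flag_message(raw):
    """Return ZIP attachment names if the From header names a listed sender, else []."""
    msg = message_from_bytes(raw, policy=policy.default)
    display, address = parseaddr(str(msg.get("From", "")))
    if not BRANDS.search(f"{display} {address}"):
        return []
    return zip_attachments(msg)

def build_sample(sender, filename=None):
    """Constructed test message; the archive holds one harmless text file."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, "user@example.com", "Your shipment"
    msg.set_content("Please see the attached label.")
    if filename:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as archive:
            archive.writestr("readme.txt", "constructed sample")
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    for sender, fname in [("FedEx Delivery <tracking@example.com>", "Label.zip"),
                          ("UPS <notice@example.com>", "Label.pdf"),
                          ("Alice <alice@example.com>", "photos.zip")]:
        print(sender, "->", flag_message(build_sample(sender, fname)))
```

The second sample shows why the content check matters: an archive renamed to `Label.pdf` is still flagged.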
If you are ever unsure if an email attachment is fake, you are welcome to send it to us for inspection at firstname.lastname@example.org. However, it may also be beneficial to follow up with a phone call, as our spam filter is pretty good at filtering these types of messages – so we might not ever receive it!
There is also a crypto-prevent utility that you can install on personal machines: Download Crypto-Prevent (http://www.foolishit.com/download/cryptoprevent-installer/). Download and install this, and it will block the most common forms of Cryptolocker. Since the ransomware program is updated frequently, this may not prevent all instances of it going forward.
The BEST solution is to have MULTIPLE BACKUPS. Cryptolocker will not currently lock backed-up files, especially if they are stored somewhere other than on your computer (as they should be!).
If you would like to evaluate your backups, call us and we can recommend several solutions.
*Remember*, once that red ransom popup comes up, there is NO “fix” to get your files back (other than paying the ransom, which is not a guaranteed fix either!).
Help! I’m infected! Now what?
If you’ve already gotten Cryptolocker (and the nasty red warning), then unfortunately, the files on your computer are already locked, and there’s nothing to do except delete them and restore from backups.
The good news is, your computer is otherwise recoverable and a few good scans with some reputable malware-removal software should take care of it.
As always, contact us if you have any questions, or suspect that you may be infected!