Ransomware – CryptoLocker Infections

Recent events prompted this blog post to remind everyone about the traps when dealing with email and attachments.

If you are interested in learning more, see the end of this post for links to websites that explain how this type of infection works and the destruction it causes.

DO NOT OPEN ATTACHMENTS in email unless you are “certain” it comes from a trusted source AND you were *expecting* that email from a friend, client or business associate.

Note that it’s an extremely trivial task for scammers to make any email look like it came from someone you know, or a company / business associate you might normally trust.

A client / good friend of mine just got infected when, after a momentary lapse in concentration, he opened an email purporting to be from Australia Post. The result?

He has lost ALL of his data files, including QuickBooks, Word documents, Excel spreadsheets and emails. Read: EVERYTHING. Even his backups are now useless, because his machine had access to the backup drive over the network and they were encrypted / corrupted as well.

Though his antivirus was up to date, antivirus software can only identify this type of infection after it occurs; it cannot prevent the infection from happening in the first place.

As soon as a computer becomes infected, the infection rapidly spreads throughout the entire network to servers, backup drives and anything else the computer has access to. All files and backups stored in those locations are rendered totally useless until an expensive ransom (hundreds to thousands of dollars) is paid via the anonymous Bitcoin currency, and there is no guarantee that paying the ransom will achieve a recovery from the damage that has already been done.

A Police Station in the US and some Government Bodies have all been caught out by this Virus / Trojan and in one instance, despite the huge amount of resources available to them, the Police Department resorted to paying the ransom to recover their data because all of their backups were rendered useless as well.

So think twice before you open *any* email or attachment, then think one more time before clicking that button.

A Cryptolocker infection has the ability to bring your entire computer and network to its knees as there is no “quick fix” available.

If you have *any* doubt whatsoever about the validity of an email or attachment that you were not expecting, seek advice from an IT professional BEFORE you open it.

Always be wary of ANY email that contains attachments.

Also, never click on links within emails unless you are certain they are valid. It is far safer to open a browser and use a Favourite shortcut, or type the site address you know is correct directly into the browser.

If you are unsure and help is not readily available, delete the email into your Outlook Recycle folder and wait until you can get assistance determining the validity of the email *before* opening it. Call the person to check they sent it, if that’s an option available to you.

Should you have any questions whatsoever regarding any of the above, please feel free to contact me.

A couple of Informative Links

CryptoLocker: What Is and How to Avoid it

Trend Micro explains this madness and how to avoid falling for the trap

A Google Search page showing many links to educate yourself

That’s about it folks.. Don’t take this seriously at your own peril.

I wish you all safe and trouble free computing.

Best..

Andrew
