Archive for July, 2014

Return of the Ransomware

The return of the ransomware has begun. CryptoLocker's operators stood up a botnet of servers to spread the virus, but the servers were soon seized by the FBI after a few hundred thousand English-speaking users were infected. That does not mean you should forget about it, since the developers will find new ways to spread it, if you do not have it already. So keep your antivirus and antimalware updated!

Once you get the infection, it takes roughly 72 hours to complete its duty. Then it interrupts your workflow with prompts, ads, and notifications, changes your background, and asks you to pay to fix what they have broken, or technically, what they encrypted. CryptoLocker targets all your document files, like Word, Excel, and PowerPoint, and encrypts them so you cannot open them.

On the first one we found, we tried all our tools, from Malwarebytes Antimalware and Combofix to Trend Micro and Offline Windows Defender. While there are several tools that can remove the CryptoLocker virus, there is no way to undo their nasty 256-bit encryption, besides sending your money to the virus developers in the form of bitcoins (which can be used for many illegal things, like on the black market).

There is hope, however. The virus does not seem to target network files yet, so if you save files to a server, you might be in luck. But there is no telling when the virus will evolve and start targeting remote file systems. The best way to prevent this is to take backups of your data, then take offsite backups, then take backups of your offsite backups... offsite.

We offer a comprehensive backup solution. For more information and a fancy video, click here.