CryptoLocker is a particularly nasty strain of malicious
software that encrypts your files then demands that you pay a ransom to get
them back. It does this to files on your local computer hard
drive, attached USB drives and shared network drives. It works by
tricking users into infecting their own machines.
We've had several customers hit with CryptoLocker this month, the latest being this morning.
In all cases we had to delete the contents of the shared network drive and restore from a recent backup, which resulted in some data loss. The infected computer has to be disconnected from the network and fully rebuilt. Any files stored locally within the My Documents or the Desktop folders of these infected computers have been lost.
We've had several customers hit with CryptoLocker this month, the latest being this morning.
In all cases we had to delete the contents of the shared network drive and restore from a recent backup, which resulted in some data loss. The infected computer has to be disconnected from the network and fully rebuilt. Any files stored locally within the My Documents or the Desktop folders of these infected computers have been lost.
CryptoLocker is distributed by
emails that typically have subject lines claiming that they contain
invoice, payment, voicemail, delivery or parcel tracking information.
The email we saw today was from Australia Post (info@auspost-delivery.com) and had the subject line of "[your name ] tracking notification!"
The email we saw today was from Australia Post (info@auspost-delivery.com) and had the subject line of "[your name ] tracking notification!"
Please pass this information
around your co-workers and colleagues asking them to take extra care with
emails. They must be told not to attachments or click through to links if the
message is from an unknown source or is not expected.
Feel free to contact us to
discuss and learn what further methods we can use to help prevent
CryptoLocker from running.
No comments:
Post a Comment