Wednesday, August 20, 2014

CryptoLocker - take extra care with emails.

CryptoLocker is a particularly nasty strain of malicious software that encrypts your files then demands that you pay a ransom to get them back. It does this to files on your local computer hard drive, attached USB drives and shared network drives. It works by tricking users into infecting their own machines.

We've had several customers hit with CryptoLocker this month, the latest being this morning.

In all cases we had to delete the contents of the shared network drive and restore from a recent backup, which resulted in some data loss. The infected computer has to be disconnected from the network and fully rebuilt.  Any files stored locally within the My Documents or the Desktop folders of these infected computers have been lost.
CryptoLocker is distributed by emails that typically have subject lines claiming that they contain invoice, payment, voicemail, delivery or parcel tracking information. 

The email we saw today was from Australia Post (  and had the subject line of "[your name ] tracking notification!"

Please pass this information around your co-workers and colleagues asking them to take extra care with emails. They must be told not to attachments or click through to links if the message is from an unknown source or is not expected.

Feel free to contact us to discuss and learn what further methods we can use to help prevent CryptoLocker from running.

No comments:

Post a Comment